Compare commits
53 Commits
Author | SHA1 | Date |
---|---|---|
DarkFeather | 69e2bcc966 | |
DarkFeather | 8392a3fe46 | |
DarkFeather | 63a43c6f0e | |
DarkFeather | 444b8171f5 | |
DarkFeather | ea75da1b41 | |
DarkFeather | 5ab88dc387 | |
DarkFeather | 60f848b55d | |
DarkFeather | 75bf57c131 | |
DarkFeather | 921e45afda | |
DarkFeather | 633f231b26 | |
DarkFeather | be2908625d | |
DarkFeather | 49b67de7ec | |
DarkFeather | e9fde0d8c9 | |
DarkFeather | 6a4aabee01 | |
DarkFeather | 5fef78f60e | |
DarkFeather | 2f93e03f3a | |
DarkFeather | 638b4e8c6e | |
DarkFeather | 956b00a06e | |
DarkFeather | d92ab6acda | |
DarkFeather | a2fecf9d64 | |
DarkFeather | bef53d5889 | |
DarkFeather | 99b7b9026c | |
DarkFeather | c589f5ac55 | |
DarkFeather | 36d0be5f88 | |
DarkFeather | 890e20c64c | |
DarkFeather | 72a62b63eb | |
DarkFeather | 0626c66413 | |
DarkFeather | a34c96df6b | |
DarkFeather | a43cb4b6bb | |
DarkFeather | 12d2ca9a1d | |
DarkFeather | 81b9a0a190 | |
DarkFeather | b7d26b6aa7 | |
DarkFeather | 94f546a7be | |
DarkFeather | 59b54619f7 | |
DarkFeather | 8b2b0be95b | |
DarkFeather | 9758b23193 | |
DarkFeather | 51e2836378 | |
DarkFeather | 01dde4008d | |
DarkFeather | d0146770a4 | |
DarkFeather | 1c2f4266ad | |
DarkFeather | d1140cf78b | |
DarkFeather | a881363b9b | |
DarkFeather | 5d04f1b393 | |
DarkFeather | 921d53c724 | |
DarkFeather | 94a4736839 | |
DarkFeather | eb39acaa06 | |
DarkFeather | 8f85acce78 | |
DarkFeather | 87775fe636 | |
DarkFeather | 68ef34c3c6 | |
DarkFeather | 17a9e9ef7d | |
DarkFeather | 432cc36ef8 | |
DarkFeather | ffbd7b7bd8 | |
DarkFeather | e12c8ff0c6 |
|
@ -1,3 +1,17 @@
|
|||
# Generated files
|
||||
roles/Node/files/*-vm.service
|
||||
roles/Nazara/files/dns
|
||||
roles/Nazara/files/dhcp
|
||||
roles/Node/files/vm-definitions/**
|
||||
roles/ShadowArch/files/mirrorlist
|
||||
roles/Sharingan/files/monit/checks/availability
|
||||
roles/Foundation/files/custom/public/img/**
|
||||
venv/**
|
||||
**/pkg/**
|
||||
**/src/**
|
||||
**pkg.tar.zst
|
||||
wiki/**
|
||||
|
||||
# ---> Python
|
||||
# Byte-compiled / optimized / DLL files
|
||||
__pycache__/
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
pkgdirname != basename `git config remote.origin.url` | sed 's/.git$$//'
|
||||
optlist = bin examples playbooks roles
|
||||
|
||||
compile:
|
||||
@echo Nothing to do
|
||||
|
||||
install: clean compile
|
||||
mkdir -p ${pkgdir}/opt/aninix/${pkgdirname}/
|
||||
for opt in ${optlist}; do cp -pr $$opt ${pkgdir}/opt/aninix/${pkgdirname}/${opt}; done
|
||||
make checkperm
|
||||
|
||||
clean:
|
||||
git clean -fdX
|
||||
|
||||
uninstall:
|
||||
rm -Rf ${pkgdir}/opt/aninix/${pkgdirname}/
|
||||
|
||||
test: compile
|
||||
#python3 -m pytest
|
||||
|
||||
checkperm:
|
||||
chown -R root: ${pkgdir}/opt/aninix/${pkgdirname}/
|
||||
chmod 0755 ${pkgdir}/opt/aninix/${pkgdirname}/
|
||||
chmod -R a+r ${pkgdir}/opt/aninix/${pkgdirname}/
|
||||
|
||||
diff:
|
||||
@echo Nothing to do.
|
||||
for opt in ${optlist}; do diff -r ${pkgdir}/opt/aninix/${pkgdirname}/${opt} $$opt; done
|
||||
|
||||
reverse:
|
||||
for opt in ${optlist}; do rsync -avzlp ${pkgdir}/opt/aninix/${pkgdirname}/${opt}/ $$opt; done
|
|
@ -0,0 +1,46 @@
|
|||
pkgname="$(git config remote.origin.url | rev | cut -f 1 -d '/' | rev | sed 's/.git$//')"
|
||||
pkgver="$(git describe --tag --abbrev=0)"."$(git rev-parse --short HEAD)"
|
||||
pkgrel=1
|
||||
pkgrel() {
|
||||
git log "$(git describe --tag --abbrev=0)"..HEAD | grep -c commit
|
||||
}
|
||||
epoch=
|
||||
pkgdesc="$(head -n 1 README.md)"
|
||||
arch=("x86_64")
|
||||
url="https://aninix.net/foundation/${pkgname}"
|
||||
license=('custom')
|
||||
groups=()
|
||||
depends=('bash>=4.4' 'python>=3.11' 'ansible>=8.3' 'tmux' 'openssh')
|
||||
makedepends=('make>=4.2')
|
||||
checkdepends=()
|
||||
optdepends=()
|
||||
provides=("${pkgname}")
|
||||
conflicts=()
|
||||
replaces=("${pkgname,,}" "aninix-${pkgname,,}")
|
||||
backup=()
|
||||
options=()
|
||||
install=
|
||||
changelog=
|
||||
source=()
|
||||
noextract=()
|
||||
md5sums=()
|
||||
validpgpkeys=()
|
||||
|
||||
prepare() {
|
||||
git pull
|
||||
}
|
||||
|
||||
build() {
|
||||
make -C ..
|
||||
}
|
||||
|
||||
check() {
|
||||
chmod -R u+r ../pkg
|
||||
make -C .. test
|
||||
}
|
||||
|
||||
package() {
|
||||
export pkgdir="${pkgdir}"
|
||||
make -C .. install
|
||||
install -D -m644 ../LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
|
||||
}
|
44
README.md
44
README.md
|
@ -1,3 +1,43 @@
|
|||
# Tenebrous
|
||||
This project will discover and provide inventory intelligence to Sora, Shadowfeed, Geth, and Sharingan.
|
||||
|
||||
This project will discover and provide inventory intelligence to Sora, Shadowfeed, Geth, and Sharingan. It is named after the fictional Tenebrous from the SWTOR game.
|
||||
*Note*: This project is in progress -- former Makefiles from [ConfigPackages](/AniNIX/ConfigPackages) are being upgraded into Ansible playbooks here.
|
||||
|
||||
# Etymology
|
||||
|
||||
It is named after the fictional Star Wars Imperial Intelligence organization that oversaw the various divisions of Intelligence and orchestrated their operations. Like its namesake, this project oversees the various tools within our ecosystem and enforces compliance with standards.
|
||||
|
||||
# Relevant Files and Software
|
||||
|
||||
This project expects that you use an Ansible vault for credentials. Create one and add this to your `.bashrc`.
|
||||
```
|
||||
export ANSIBLE_VAULT_PASSWORD_FILE=$HOME/password-store/${organization}.vault.password
|
||||
export ANSIBLE_VAULT_FILE=$HOME/password-store/${organization}.vault
|
||||
```
|
||||
|
||||
Take a look at `examples/msn0.yml` as an example inventory -- make sure you populate one of your own.
|
||||
|
||||
Once you have your vault and inventory, use [AniNIX/ShadowArch](/AniNIX/ShadowArch) with your hypervisor to provision the base image for your machines, or [Raspbian](https://www.raspberrypi.org/).
|
||||
|
||||
Then, use the SSH key playbook to copy your key and the deploy playbook to set things up.
|
||||
```
|
||||
ansible-playbook -i your-inventory.yml playbooks/sshkey.yml
|
||||
ansible-playbook -i your-inventory.yml playbooks/deploy.yml
|
||||
```
|
||||
|
||||
We've also added two scripts in `./bin` to make your life easier:
|
||||
* `full-deploy`: This is the general role. If you are creating an AniNIX replica, once you have your inventory and vault populated, then you can run this script to push everything. This is also optimal when rotating vault secrets or other global tasks. This is effectively standardizing invocation of our overall deployment playbook.
|
||||
* `deploy-role`: When you are updating a specific role, use this script to push that role to your group. Ideally, this should only be used to push a role that you have been working on to a target group in your inventory that's already tagged for the role in the deployment playbook.
|
||||
|
||||
Happy hacking!
|
||||
|
||||
## Exceptions
|
||||
|
||||
Some services, such as AniNIX/Sharingan and AniNIX/Geth, store their configuration in internal datastructures and databases such that we cannot easily export our build for others to use. We will document what we have done for each of these as best we can in the README.md files for others to replicate. Backups of these services into AniNIX/Aether are therefore dumps of these databases and not available to share.
|
||||
|
||||
# Available Clients
|
||||
|
||||
This service is a management tool -- its files get used by the Ansible toolset. There are no clients to connect directly to this service, as we have chosen a serverless approach.
|
||||
|
||||
# Equivalents or Competition
|
||||
|
||||
This service is our elected Infrastructure-as-Code solution -- many professional tools like Ansible Tower, Terraform, etc. do the same thing. Some apps ship OVA's, or prebuilt images, of their software. Docker registries also serve as similar way to document the means by which services are built.
|
||||
|
|
|
@ -0,0 +1,48 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Role is first argument
|
||||
role="$1"
|
||||
if [ -z "$role" ]; then
|
||||
echo Need a role as first argument.
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Handle verbosity
|
||||
if [ "$1" == "-v" ]; then
|
||||
set -x
|
||||
shift
|
||||
role="$1"
|
||||
fi
|
||||
|
||||
# Handle usage
|
||||
if [ "$role" == "-h" ] || [ "$role" == "--help" ]; then
|
||||
echo "Usage: $0 -h"
|
||||
echo " $0 \$role \$targetgroup [\$optional_inventory]"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Find the root of the git clone
|
||||
while [ ! -d .git ]; do
|
||||
cd ..
|
||||
if [ "$PWD" == '/' ]; then
|
||||
echo "This needs to be run from the Ubiqtorate checkout"
|
||||
exit 3
|
||||
fi
|
||||
done
|
||||
|
||||
# Get the targetgroup
|
||||
targetgroup="$2"
|
||||
if [ -z "$targetgroup" ]; then
|
||||
targetgroup="$role" # Deploy a role to the server named for that function
|
||||
fi
|
||||
|
||||
# Allow an inventory override
|
||||
inventory="$3"
|
||||
if [ -z "$inventory" ]; then
|
||||
inventory=examples/msn0.yml
|
||||
fi
|
||||
|
||||
# Invoke the one-role playbook for the role on the targetgroup
|
||||
ansible-playbook -i "$inventory" -e "role=$role" -e "targets=$targetgroup" playbooks/one-role.yml
|
||||
# and return the exit status
|
||||
exit $?
|
|
@ -0,0 +1,24 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Arguments
|
||||
inventory="$1"
|
||||
if [ "$inventory" == "-h" ] || [ "$inventory" == "--help" ]; then
|
||||
echo "Usage: $0 -h # Usage"
|
||||
echo " $0 # Run a complete deployment."
|
||||
exit 0
|
||||
elif [ -z "$inventory" ]; then
|
||||
inventory="examples/msn0.yml"
|
||||
fi
|
||||
|
||||
# Find the root of the git clone
|
||||
while [ ! -d .git ]; do
|
||||
cd ..
|
||||
if [ "$PWD" == '/' ]; then
|
||||
echo "This needs to be run from the Ubiqtorate checkout"
|
||||
exit 3
|
||||
fi
|
||||
done
|
||||
|
||||
ansible-playbook -i examples/msn0.yml playbooks/deploy.yml
|
||||
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
curl -s https://raw.githubusercontent.com/archlinux/svntogit-packages/packages/pacman-mirrorlist/trunk/mirrorlist | awk '/^## United States$/{f=1; next}f==0{next}/^$/{exit}{print substr($0, 1);}' | sed 's/^#Server/Server/' > /tmp/candidates
|
||||
cat <<EOM > ../roles/Maat/files/pacoloco.yaml
|
||||
port: 9129
|
||||
download_timeout: 3600 # download will timeout after 3600 seconds
|
||||
cache_dir: /var/cache/pacoloco
|
||||
purge_files_after: 360000 # 360000 seconds or 100 hours, 0 to disable
|
||||
repos:
|
||||
archlinux:
|
||||
urls:
|
||||
$(rankmirrors -n 6 /tmp/candidates | sed 's/^Server = / - /' | grep -v generated\ by | cut -f 1 -d \$)
|
||||
user_agent: Pacoloco
|
||||
EOM
|
|
@ -0,0 +1,83 @@
|
|||
#!/usr/bin/env python3
|
||||
# File: generate-pihole-dns-dhcp.py
|
||||
#
|
||||
# Description: This file generates the DNS and DHCP files for pihole.
|
||||
#
|
||||
# Package: AniNIX/Ubiqtorate
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <darkfeather@aninix.net>
|
||||
|
||||
import os
|
||||
import subprocess
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
rolepath='../roles/Sharingan/files'
|
||||
monfilepath=rolepath+"/monit/checks/availability"
|
||||
|
||||
def WriteMonitoringEntry(content,hosttype,hostclass):
|
||||
### Create the ping-based monitoring entry
|
||||
# param content: the yaml content to parse
|
||||
# param hosttype: managed or unmanaged
|
||||
# param hostclass: the type of host as classified in the yaml
|
||||
global monfile
|
||||
|
||||
with open(monfilepath,'a') as monfile:
|
||||
|
||||
# Write host entries
|
||||
for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
|
||||
try:
|
||||
hostname= host + '.' + content['all']['vars']['replica_domain']
|
||||
monfile.write('check program ' + host + '_ping_mon with path "/usr/lib/monitoring-plugins/check_ping -H ' + hostname + ' -w 100,50% -c 1000,100% -p 3 -t 60 -4"\n')
|
||||
monfile.write(' if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical ' + hostname + ' is not online."\n\n')
|
||||
except:
|
||||
print(host + ' is not complete for monitoring.')
|
||||
|
||||
def WriteSSHMonitoringEntry(content,hosttype,hostclass):
|
||||
### Create the ping-based monitoring entry
|
||||
# param content: the yaml content to parse
|
||||
# param hosttype: managed or unmanaged
|
||||
# param hostclass: the type of host as classified in the yaml
|
||||
global monfile
|
||||
|
||||
with open(monfilepath,'a') as monfile:
|
||||
|
||||
# Write host entries
|
||||
for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
|
||||
try:
|
||||
hostname= host + '.' + content['all']['vars']['replica_domain']
|
||||
monfile.write('check program ' + host + '_ssh_mon with path "/usr/lib/monitoring-plugins/check_ssh -H ' + hostname + '"\n')
|
||||
monfile.write(' if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical ' + hostname + ' is not responding to SSH."\n\n')
|
||||
except:
|
||||
print(host + ' is not complete for monitoring.')
|
||||
|
||||
def GenerateFiles(file):
|
||||
### Open the file and parse it
|
||||
# param file: the file to work on
|
||||
global monfilepath
|
||||
|
||||
if not os.path.isdir(rolepath):
|
||||
os.mkdir(rolepath)
|
||||
|
||||
# Parse the yaml
|
||||
with open(file, 'r') as stream:
|
||||
content = yaml.safe_load(stream)
|
||||
|
||||
if os.path.isfile(monfilepath): os.remove(monfilepath)
|
||||
|
||||
# Add DNS entries for each host
|
||||
hosttype = 'managed'
|
||||
for hostclass in ['physical','virtual','geth_hubs']:
|
||||
#WriteMonitoringEntry(content,hosttype,hostclass)
|
||||
WriteSSHMonitoringEntry(content,hosttype,hostclass)
|
||||
hosttype = 'unmanaged'
|
||||
for hostclass in ['ovas','appliances']:
|
||||
WriteMonitoringEntry(content,hosttype,hostclass)
|
||||
|
||||
if __name__ == '__main__':
|
||||
if len(sys.argv) != 2:
|
||||
print("You need to supply an inventory file.")
|
||||
sys.exit(1)
|
||||
GenerateFiles(sys.argv[1])
|
||||
sys.exit(0)
|
|
@ -0,0 +1,86 @@
|
|||
#!/usr/bin/env python3
|
||||
# File: generate-pihole-dns-dhcp.py
|
||||
#
|
||||
# Description: This file generates the DNS and DHCP files for pihole.
|
||||
#
|
||||
# Package: AniNIX/Ubiqtorate
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <darkfeather@aninix.net>
|
||||
|
||||
import os
|
||||
import subprocess
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
rolepath='../roles/Nazara/files'
|
||||
dnsfilepath=rolepath+"/dns"
|
||||
dhcpfilepath=rolepath+"/dhcp"
|
||||
|
||||
def WriteDHCPEntry(content,hosttype,hostclass):
|
||||
### Create the DHCP entry
|
||||
# param content: the yaml content to parse
|
||||
# param hosttype: managed or unmanaged
|
||||
# param hostclass: the type of host as classified in the yaml
|
||||
global dhcpfile
|
||||
|
||||
with open(dhcpfilepath,'a') as dhcpfile:
|
||||
for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
|
||||
try:
|
||||
dhcpfile.write('dhcp-host=' + content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['mac'] + ',' + content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['ip'] + ',' + host + '.' + content['all']['vars']['replica_domain'] + '\n')
|
||||
except:
|
||||
print(host + ' is not complete for DHCP.')
|
||||
|
||||
def WriteDNSEntry(content,hosttype,hostclass):
|
||||
### Create the DNS entry
|
||||
# param content: the yaml content to parse
|
||||
# param hosttype: managed or unmanaged
|
||||
# param hostclass: the type of host as classified in the yaml
|
||||
global dnsfile
|
||||
|
||||
with open(dnsfilepath,'a') as dnsfile:
|
||||
|
||||
# Write host entries
|
||||
for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
|
||||
try:
|
||||
dnsfile.write(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['ip'] + ' ' + host + '.' + content['all']['vars']['replica_domain'] + ' ' + host + '\n')
|
||||
except:
|
||||
print(host + ' is not complete for DNS.')
|
||||
|
||||
def GenerateFiles(file):
|
||||
### Open the file and parse it
|
||||
# param file: the file to work on
|
||||
global dnsfile
|
||||
|
||||
if not os.path.isdir(rolepath):
|
||||
os.mkdir(rolepath)
|
||||
|
||||
# Parse the yaml
|
||||
with open(file, 'r') as stream:
|
||||
content = yaml.safe_load(stream)
|
||||
|
||||
# Clear the DNS file
|
||||
with open(dhcpfilepath,'w') as dhcpfile:
|
||||
dhcpfile.write('dhcp-range='+content['all']['vars']['dhcprange']+'\n')
|
||||
dhcpfile.write('dhcp-option=option:dns-server,'+content['all']['vars']['dns']+'\n\n')
|
||||
dhcpfile.write('dhcp-range='+content['all']['vars']['staticrange']+'\n')
|
||||
with open(dnsfilepath,'w') as dnsfile:
|
||||
vips=subprocess.run(["/bin/bash", "-c", "echo | openssl s_client -connect "+content['all']['vars']['external_domain']+":443 | openssl x509 -text -noout | grep DNS: | tr ',' '\n' | sed 's/\s\+DNS://' | grep -ivE ^"+content['all']['vars']['external_domain']+" | tr '\n' ' '"], capture_output=True).stdout.decode("utf-8")
|
||||
dnsfile.write(content['all']['vars']['webfront']+' '+content['all']['vars']['external_domain']+' '+vips+"\n")
|
||||
|
||||
# Add DNS entries for each host
|
||||
hosttype = 'managed'
|
||||
for hostclass in ['physical','virtual','geth_hubs']:
|
||||
WriteDNSEntry(content,hosttype,hostclass)
|
||||
WriteDHCPEntry(content,hosttype,hostclass)
|
||||
hosttype = 'unmanaged'
|
||||
for hostclass in ['ovas','test_ovas','appliances','adhoc_appliances','iot']:
|
||||
WriteDNSEntry(content,hosttype,hostclass)
|
||||
WriteDHCPEntry(content,hosttype,hostclass)
|
||||
|
||||
if __name__ == '__main__':
|
||||
if len(sys.argv) != 2:
|
||||
print("You need to supply an inventory file.")
|
||||
sys.exit(1)
|
||||
GenerateFiles(sys.argv[1])
|
||||
sys.exit(0)
|
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash
|
||||
|
||||
# File: gen-ssh-keyscan
|
||||
#
|
||||
# Description: This file generates a known_host block for the inventory.
|
||||
#
|
||||
# Package: AniNIX/HelloWorld
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <ircs://aninix.net:6697/DarkFeather>
|
||||
|
||||
inventory="$1"
|
||||
|
||||
replicadomain="$(grep replica_domain:\ "$inventory" | awk '{ print $2; }';)"
|
||||
|
||||
for short in `ansible -i "$inventory" --list-hosts managed | grep -v hosts | sed 's/^\s\+//'`; do
|
||||
long="$short"'.'"$replicadomain"
|
||||
ip="$(dig "$long" +short)"
|
||||
ssh-keyscan -t ed25519 -f <(echo "$long" "$long","$short","$ip") 2>&1
|
||||
ssh-keyscan -t rsa -f <(echo "$long" "$long","$short","$ip") 2>/dev/null
|
||||
done
|
|
@ -0,0 +1,95 @@
|
|||
#!/usr/bin/env python3
|
||||
# File: generate-systemd-vms.py
|
||||
#
|
||||
# Description: This file generates the systemd.service files that run our VM's
|
||||
#
|
||||
# Package: AniNIX/Ubiqtorate
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <darkfeather@aninix.net>
|
||||
|
||||
import os
|
||||
import shutil
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
filepath="roles/Node/files/vm-definitions/"
|
||||
|
||||
def WriteVMFile(content,hosttype,hostclass):
|
||||
### Create the service files for the hosts
|
||||
# param content: the yaml content to parse
|
||||
# param hosttype: managed or unmanaged
|
||||
# param hostclass: the type of host as classified in the yaml
|
||||
|
||||
global filepath
|
||||
|
||||
for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
|
||||
|
||||
cores = 0
|
||||
memory = 0
|
||||
vnc = 0
|
||||
disks = ''
|
||||
mac = ''
|
||||
bridge = ''
|
||||
|
||||
# Make sure the host definition has all the critera
|
||||
try:
|
||||
cores = str(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['cores'])
|
||||
memory = str(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['memory'])
|
||||
vnc = str(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['vnc'])
|
||||
disks = ' '.join(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['disks'])
|
||||
mac = content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['mac']
|
||||
bridge = content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['bridge']
|
||||
except Exception as e:
|
||||
print('Host ' + host + " doesn't have the attributes needed to be a VM -- skipping.")
|
||||
print(e)
|
||||
1 == 1
|
||||
|
||||
# Write the file.
|
||||
with open(filepath+host+'-vm.service','w') as vmfile:
|
||||
vmfile.write('[Unit]\n')
|
||||
vmfile.write('Description=AniNIX/' + host + '\n')
|
||||
vmfile.write('After=network.target\n')
|
||||
vmfile.write('\n')
|
||||
vmfile.write('[Service]\n')
|
||||
vmfile.write('ExecStart=/usr/sbin/qemu-system-x86_64 -name AniNIX/' + host + ' -machine type=pc,accel=kvm')
|
||||
if 'uefi' in content['all']['children'][hosttype]['children'][hostclass]['hosts'][host].keys(): vmfile.write(' -bios /usr/share/edk2-ovmf/x64/OVMF.fd')
|
||||
vmfile.write(' -cpu qemu64 -smp ' + cores + ' ' + disks + ' -net nic,macaddr=' + mac + ',model=virtio -net bridge,br=' + bridge + ' -vga std -nographic -vnc :' + str(vnc) + ' -m size=' + str(memory) + 'G -device virtio-rng-pci\n')
|
||||
vmfile.write('ExecReload=/bin/kill -HUP $MAINPID\n')
|
||||
vmfile.write('KillMode=process\n')
|
||||
vmfile.write('Restart=always\n')
|
||||
vmfile.write('User=root\n')
|
||||
vmfile.write('Group=root\n')
|
||||
vmfile.write('\n')
|
||||
vmfile.write('[Install]\n')
|
||||
vmfile.write('WantedBy=multi-user.target\n')
|
||||
print(host+'-vm.service')
|
||||
|
||||
def GenerateFiles(file):
|
||||
### Open the file and parse it
|
||||
# param file: the file to work on
|
||||
|
||||
global filepath
|
||||
|
||||
try:
|
||||
shutil.rmtree(filepath)
|
||||
except:
|
||||
1 == 1
|
||||
finally:
|
||||
os.mkdir(filepath)
|
||||
|
||||
# Parse the yaml
|
||||
with open(file, 'r') as stream:
|
||||
content = yaml.safe_load(stream)
|
||||
|
||||
# Add service files for each host
|
||||
WriteVMFile(content,'managed','virtual')
|
||||
WriteVMFile(content,'unmanaged','ovas',
|
||||
WriteVMFile(content,'unmanaged','test_ovas')
|
||||
|
||||
if __name__ == '__main__':
|
||||
if len(sys.argv) != 2:
|
||||
print("You need to supply an inventory file.")
|
||||
sys.exit(1)
|
||||
GenerateFiles(sys.argv[1])
|
||||
sys.exit(0)
|
|
@ -0,0 +1,18 @@
|
|||
#!/bin/bash
|
||||
|
||||
|
||||
if [ "$USER" != root ]; then
|
||||
sudo $0 $@
|
||||
exit 0
|
||||
fi
|
||||
|
||||
grep -A 2 copy: tasks/main.yml | tr '\n' ' ' | sed 's/--/\n/g' | while read copyline; do
|
||||
dest="$(echo "$copyline" | sed 's/ /\n/g' | grep src: | awk '{ print $2; }' )"
|
||||
src="$(echo "$copyline" | sed 's/ /\n/g' | grep dest: | awk '{ print $2; }' )"
|
||||
if [ -d "$src" ]; then
|
||||
cp -r "$src"/* files/"$dest"
|
||||
else
|
||||
cp -r "$src" files/"$dest"
|
||||
fi
|
||||
chown -R "$SUDO_USER": files/"$dest"
|
||||
done
|
|
@ -0,0 +1,91 @@
|
|||
#!/bin/bash
|
||||
|
||||
# File: tmux-hosts
|
||||
#
|
||||
# Description: This script allows you to open groups of hosts in 2x2 tmux panes
|
||||
#
|
||||
# Package: AniNIX/Ubiqtorate
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <ircs://irc.aninix.net:6697/DarkFeather>
|
||||
|
||||
# Sanity
|
||||
set -Eo pipefail
|
||||
|
||||
# Defaults
|
||||
group=all
|
||||
offset=0
|
||||
unset inventory
|
||||
|
||||
function usage() {
|
||||
# Show helptext
|
||||
# param retcode: what to exit
|
||||
retcode="$1"
|
||||
echo "Usage: $0 [ -o offset ] [-g group ] -i inventory.yml"
|
||||
echo " $0 -h"
|
||||
echo "Group is optional -- add it if you only want to look at a specific subset."
|
||||
echo "Add -v for verbosity."
|
||||
exit "$retcode"
|
||||
}
|
||||
|
||||
function tmuxHosts() {
|
||||
# Open hosts in Tmux -- ported from pnp/misc-scripts.git geotmux
|
||||
# param host1: the first host
|
||||
# param host2: the second host
|
||||
# param host3: the third host
|
||||
# param host4: the fourth host
|
||||
host1="$1"
|
||||
host2="$2"
|
||||
host3="$3"
|
||||
host4="$4"
|
||||
name="$group-$offset"
|
||||
|
||||
# If no TMUX session started, then add one with four panes.
|
||||
if [ -z "$TMUX" ]; then
|
||||
tmux new-session -s "$name" -d "/bin/bash -l -c ssh\\ $host1"
|
||||
tmux select-window -t "$name":0
|
||||
tmux split-window "/bin/bash -l -c ssh\\ $host2"
|
||||
tmux split-window -h -t 0 "/bin/bash -l -c ssh\\ $host3"
|
||||
tmux select-window -t "$name":1
|
||||
tmux split-window -h -t 2 "/bin/bash -l -c ssh\\ $host4"
|
||||
tmux setw synchronize-panes
|
||||
tmux a -d -t "$name"
|
||||
# Otherwise, add a new window to the current session with all four sessions.
|
||||
else
|
||||
tmux new-window -n "$name" "/bin/bash -l -c ssh\\ $host1"
|
||||
tmux select-window -t "$name"
|
||||
tmux split-window "/bin/bash -l -c ssh\\ $host2"
|
||||
tmux select-window -t "$name"
|
||||
tmux split-window -h -t 0 "/bin/bash -l -c ssh\\ $host3"
|
||||
tmux select-window -t "$name"
|
||||
tmux split-window -h -t 2 "/bin/bash -l -c ssh\\ $host4"
|
||||
tmux setw synchronize-panes
|
||||
tmux select-window -t "$name"
|
||||
fi
|
||||
}
|
||||
|
||||
# main
|
||||
if [ "$(basename $0)" == "tmux-hosts" ]; then
|
||||
while getopts 'g:hi:o:v' OPTION; do
|
||||
case "${OPTION}" in
|
||||
g) group="${OPTARG}" ;;
|
||||
h) echo Open Ansible hosts in TMUX panes.; usage 0 ;;
|
||||
i) inventory="${OPTARG}" ;;
|
||||
o) offset="${OPTARG}" ;;
|
||||
v) set -x ;;
|
||||
*) usage 1 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ -z "$inventory" ]; then
|
||||
echo Need an inventory.
|
||||
usage 2;
|
||||
fi
|
||||
|
||||
tmuxHosts $(ansible -i "$inventory" --list-hosts "$group"\
|
||||
| grep -v hosts\ \( \
|
||||
| sed 's/\s\+//g' \
|
||||
| if [ $offset -gt 0 ]; then tail -n +"${offset}"; else cat; fi \
|
||||
| head -n 4 \
|
||||
| tr '\n' ' ')
|
||||
fi
|
|
@ -0,0 +1,267 @@
|
|||
all:
|
||||
vars:
|
||||
# Environment-wide data
|
||||
external_domain: aninix.net
|
||||
replica_domain: "MSN0.AniNIX.net"
|
||||
time_zone: "America/Chicago"
|
||||
# Services used by all
|
||||
router: 10.0.1.1
|
||||
netmask: 24
|
||||
dhcprange: '10.0.1.224,10.0.1.254,255.255.255.0,12h'
|
||||
staticrange: '10.0.1.1,10.0.1.223,255.255.255.0,12h'
|
||||
dns: "10.0.1.2"
|
||||
logserver: "10.0.1.16"
|
||||
webfront: "10.0.1.3"
|
||||
mirroruri: "http://Maat.MSN0.AniNIX.net:9129/repo/archlinux/$repo/os/$arch"
|
||||
# Standards
|
||||
daemon_shell: /sbin/nologin
|
||||
user_shell: /bin/bash
|
||||
ansible_become_method: sudo
|
||||
ansible_become_user: root
|
||||
static: false
|
||||
wireless_ssid: 'Shadowfeed'
|
||||
ansible_python_interpreter: auto_silent
|
||||
ldap:
|
||||
server: "10.0.1.3"
|
||||
orgdn: "dc=aninix,dc=net"
|
||||
binduser: 'binduser'
|
||||
userou: 'ou=People'
|
||||
organization: # Information about the group
|
||||
admin: 'DarkFeather'
|
||||
email: 'ircs://irc.aninix.net:6697/DarkFeather'
|
||||
displayname: 'AniNIX'
|
||||
gpgkey: '904DE6275579CB589D85720C1CC1E3F4ED06F296'
|
||||
ssl: # Standard SSL cryptographic standards
|
||||
identity: 'aninix.net-0001' # The Let's Encrypt identity to use
|
||||
ciphersuite: "!NULL:!SSLv2:!SSLv3:!TLSv1:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
|
||||
children:
|
||||
managed:
|
||||
children:
|
||||
physical: # 10.0.1.0/28
|
||||
hosts:
|
||||
Nazara:
|
||||
ipinterface: eth0
|
||||
ip: 10.0.1.2
|
||||
mac: B8:27:EB:B6:AA:0C
|
||||
static: true
|
||||
Core:
|
||||
ipinterface: enp1s0f0
|
||||
ip: 10.0.1.3
|
||||
mac: 00:25:90:0d:6e:86
|
||||
static: true
|
||||
sslidentity: aninix.net-0001
|
||||
secdetection: true
|
||||
iptv_location: "Milwaukee|Madison"
|
||||
aether_source: true
|
||||
Node0:
|
||||
ipinterface: enp1s0f0
|
||||
ip: 10.0.1.4
|
||||
mac: DE:8B:9E:19:55:1D
|
||||
tap: true
|
||||
Node1:
|
||||
ipinterface: enp1s0f0
|
||||
ip: 10.0.1.5
|
||||
mac: B0:41:6F:0D:47:E1
|
||||
tap: true
|
||||
Node2:
|
||||
ipinterface: enp1s0f0
|
||||
ip: 10.0.1.7
|
||||
mac: B0:41:6F:0D:41:D1
|
||||
tap: true
|
||||
Node3:
|
||||
ipinterface: enp1s0f0
|
||||
ip: 10.0.1.8
|
||||
mac: B0:41:6F:0D:51:0E
|
||||
tap: true
|
||||
virtual: # 10.0.1.16/28
|
||||
vars:
|
||||
hosts:
|
||||
Sharingan:
|
||||
ip: 10.0.1.16
|
||||
ipinterface: ens3
|
||||
mac: 00:15:5D:01:02:10
|
||||
cores: 4
|
||||
memory: 4
|
||||
vnc: 8
|
||||
bridge: br0
|
||||
uefi: true
|
||||
siem: true
|
||||
disks:
|
||||
- '-drive format=raw,index=0,media=disk,file=/dev/sdb'
|
||||
# On hold because of https://aninix.net/DarkFeather/MSN0/issues/6
|
||||
holdpkg: "elasticsearch graylog mongodb44-bin mongodb-tools-bin"
|
||||
DarkNet:
|
||||
ipinterface: ens3
|
||||
ip: 10.0.1.17
|
||||
mac: 00:15:5D:01:02:05
|
||||
cores: 2
|
||||
memory: 2
|
||||
vnc: 9
|
||||
disks:
|
||||
- '-drive format=raw,index=0,media=disk,file=/dev/sdd'
|
||||
Maat:
|
||||
ip: 10.0.1.18
|
||||
ipinterface: ens3
|
||||
mac: 00:15:5d:01:02:07
|
||||
cores: 2
|
||||
memory: 2
|
||||
bridge: br0
|
||||
vnc: 7
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/Maat.qcow2'
|
||||
|
||||
geth_hubs: # 10.0.1.32/28
|
||||
vars:
|
||||
motion_enabled: yes
|
||||
hosts:
|
||||
Geth-Hub-1:
|
||||
ip: 10.0.1.32
|
||||
mac: 84:16:F9:14:15:C5
|
||||
rotate: 0
|
||||
remote: NS-RC4NA-14
|
||||
Geth-Hub-2:
|
||||
ip: 10.0.1.33
|
||||
mac: 84:16:F9:13:B6:E6
|
||||
motion_enabled: no
|
||||
rotate: 180
|
||||
remote: NS-RC4NA-14
|
||||
Geth-Hub-3:
|
||||
ip: 10.0.1.34
|
||||
mac: b8:27:eb:60:73:68
|
||||
rotate: 90
|
||||
remote: LG-AKB73715608
|
||||
unmanaged:
|
||||
children:
|
||||
# Both OVA groups are in the same subnet -- test_ovas aren't monitored
|
||||
ovas: # 10.0.1.48/28
|
||||
hosts:
|
||||
Geth:
|
||||
ip: 10.0.1.49
|
||||
mac: DE:8B:9E:19:55:1E
|
||||
cores: 2
|
||||
memory: 2
|
||||
vnc: 6
|
||||
bridge: br0
|
||||
uefi: true
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/hassos_ova-5.13.qcow2'
|
||||
test_ovas: # 10.0.1.48/28
|
||||
hosts:
|
||||
TDS-Jump:
|
||||
ip: 10.0.1.48
|
||||
mac: 00:15:5d:01:02:08
|
||||
cores: 2
|
||||
memory: 2
|
||||
vnc: 4
|
||||
bridge: br0
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/TDSJump.qcow2'
|
||||
DedNet:
|
||||
ip: 10.0.1.50
|
||||
mac: 00:15:5d:01:02:09
|
||||
cores: 2
|
||||
memory: 2
|
||||
vnc: 3
|
||||
bridge: br0
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/DedNet.qcow2'
|
||||
- '-cdrom /srv/maat/iso/kali-linux.iso -boot order=d'
|
||||
Aether:
|
||||
ip: 10.0.1.51
|
||||
mac: 00:15:5d:01:02:11
|
||||
cores: 2
|
||||
memory: 2
|
||||
vnc: 5
|
||||
bridge: br0
|
||||
disks:
|
||||
- '-drive if=none,id=disk0,cache=none,format=raw,aio=native,file=/dev/sdc'
|
||||
- '-cdrom /srv/maat/iso/archlinux.iso -boot order=d'
|
||||
test1:
|
||||
ip: 10.0.1.52
|
||||
ipinterface: ens3
|
||||
mac: 00:15:5d:01:02:06
|
||||
cores: 2
|
||||
memory: 2
|
||||
bridge: br0
|
||||
vnc: 10
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test1.qcow2'
|
||||
test2:
|
||||
ip: 10.0.1.53
|
||||
ipinterface: ens3
|
||||
mac: 00:15:5d:01:02:03
|
||||
cores: 2
|
||||
memory: 2
|
||||
bridge: br0
|
||||
vnc: 11
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test2.qcow2'
|
||||
test3:
|
||||
ip: 10.0.1.54
|
||||
ipinterface: ens3
|
||||
mac: 00:15:5d:01:02:04
|
||||
cores: 2
|
||||
memory: 2
|
||||
bridge: br0
|
||||
vnc: 12
|
||||
disks:
|
||||
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test3.qcow2'
|
||||
# appliances are monitored -- adhoc_appliances are convenience only and not monitored.
|
||||
appliances:
|
||||
hosts: # 10.0.1.64/27
|
||||
Shadowfeed: # Router must be at root
|
||||
ip: 10.0.1.1
|
||||
mac: 2c:30:33:64:f4:03
|
||||
Print: # Print is excepted for legacy setup reasons before we laid out subnets.
|
||||
ip: 10.0.1.6
|
||||
mac: 00:80:92:77:CE:E4
|
||||
Geth-Eyes:
|
||||
ip: 10.0.1.68
|
||||
mac: 9C:A3:AA:33:A3:99
|
||||
"Core-Console":
|
||||
ip: 10.0.1.74
|
||||
mac: 00:25:90:0D:82:5B
|
||||
"Node0-Console":
|
||||
ip: 10.0.1.75
|
||||
mac: 00:25:90:3E:C6:8C
|
||||
adhoc_appliances:
|
||||
hosts: # 10.0.1.64/27
|
||||
DarkFeather:
|
||||
ip: 10.0.1.64
|
||||
mac: D0:40:EF:D4:14:CF
|
||||
Lykos:
|
||||
ip: 10.0.1.65
|
||||
mac: 70:74:14:4F:8E:42
|
||||
Games:
|
||||
ip: 10.0.1.66
|
||||
mac: E0:BE:03:77:0E:88
|
||||
LivingRoomTV:
|
||||
ip: 10.0.1.69
|
||||
mac: 80:D2:1D:17:63:0E
|
||||
BedRoomTV:
|
||||
ip: 10.0.1.70
|
||||
mac: 80:D2:1D:17:63:0F
|
||||
TrainingRoomTV:
|
||||
ip: 10.0.1.71
|
||||
mac: 80:D2:1D:17:63:10
|
||||
Tachikoma:
|
||||
ip: 10.0.1.72
|
||||
mac: 90:0f:0c:1a:d3:23
|
||||
Dedsec:
|
||||
ip: 10.0.1.73
|
||||
mac: 34:F6:4B:36:12:8F
|
||||
# dhcp build space: 10.0.1.224/27
|
||||
iot: # 10.0.2.0/24
|
||||
hosts:
|
||||
LinKeuei:
|
||||
ip: 10.0.2.2
|
||||
mac: 64:16:66:08:57:F5
|
||||
Canary:
|
||||
ip: 10.0.2.3
|
||||
mac: 18:B4:30:2F:F1:37
|
||||
Charon:
|
||||
ip: 10.0.2.4
|
||||
mac: 64:52:99:14:28:2B
|
||||
Skitarii-1:
|
||||
ip: 10.0.2.5
|
||||
mac: 40:9F:38:95:06:34
|
|
@ -0,0 +1,79 @@
|
|||
---
|
||||
# deploy.yml
|
||||
#
|
||||
# This playbook details how an entire datacenter should be deployed
|
||||
#
|
||||
# Parameters:
|
||||
# threads: Number of threads to use; default is 16.
|
||||
#
|
||||
- hosts: Nazara
|
||||
order: sorted
|
||||
serial: "{{ threads | default('16') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
vars:
|
||||
- ansible_password: "{{ passwords[inventory_hostname] }}"
|
||||
- ansible_become_password: "{{ passwords[inventory_hostname] }}"
|
||||
roles:
|
||||
- Nazara
|
||||
|
||||
- hosts: managed
|
||||
order: sorted
|
||||
serial: "{{ threads | default('16') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
vars: # This is the only segment that should need these variables, as the basics role should take care of sudo and the SSH key.
|
||||
- ansible_password: "{{ passwords[inventory_hostname] }}"
|
||||
- ansible_become_password: "{{ passwords[inventory_hostname] }}"
|
||||
roles:
|
||||
- ShadowArch
|
||||
- SSH
|
||||
- Sharingan
|
||||
|
||||
- hosts: Core
|
||||
order: sorted
|
||||
serial: "{{ threads | default('16') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
roles:
|
||||
- hardware
|
||||
- SSL
|
||||
- WebServer
|
||||
- IRC
|
||||
|
||||
- hosts: geth_hubs
|
||||
order: sorted
|
||||
serial: "{{ threads | default('16') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
roles:
|
||||
- Geth-Hub
|
||||
|
||||
- hosts: Node0
|
||||
order: sorted
|
||||
serial: "{{ threads | default('16') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
roles:
|
||||
- hardware
|
||||
- Node
|
||||
|
||||
- hosts: DarkNet
|
||||
order: sorted
|
||||
serial: "{{ threads | default('16') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
roles:
|
||||
- DarkNet
|
|
@ -0,0 +1,27 @@
|
|||
# This playbook disables the archlinux-keyring-wkd-sync.service and timer, because they tend to fail for bad reasons.
|
||||
#
|
||||
---
|
||||
|
||||
- hosts: managed
|
||||
ignore_errors: true
|
||||
gather_facts: true
|
||||
become: yes
|
||||
|
||||
tasks:
|
||||
|
||||
- name: Disable services & timers
|
||||
when: ansible_os_family == "Archlinux"
|
||||
service:
|
||||
name: "{{ item }}"
|
||||
state: stopped
|
||||
enabled: no
|
||||
loop:
|
||||
- archlinux-keyring-wkd-sync.timer
|
||||
- archlinux-keyring-wkd-sync.service
|
||||
|
||||
- name: Reset failed
|
||||
when: ansible_os_family == "Archlinux"
|
||||
command: "systemctl reset-failed {{ item }}"
|
||||
loop:
|
||||
- archlinux-keyring-wkd-sync.timer
|
||||
- archlinux-keyring-wkd-sync.service
|
|
@ -0,0 +1,61 @@
|
|||
---
|
||||
# patching.yml
|
||||
#
|
||||
# This playbook can be used to patch all the servers in an inventory to the latest on the repo servers
|
||||
# Variables:
|
||||
# - hosts: the host grouper in the inventory -- default: all
|
||||
# - action: update or upgrade -- default: update
|
||||
# - delay: minutes to wait after a reboot -- default 5
|
||||
#
|
||||
#
|
||||
# Patch then restart a node
|
||||
- hosts: "{{ targets | default('geth_hubs') }}"
|
||||
order: sorted
|
||||
ignore_unreachable: true
|
||||
serial: 1
|
||||
vars:
|
||||
ansible_become: yes
|
||||
ansible_become_method: sudo
|
||||
oldmajor: stretch
|
||||
newmajor: buster
|
||||
tasks:
|
||||
- name: Check /var free percentage
|
||||
command: /bin/bash -c "df -m /var | tail -n 1 | awk '{ print $5; }' | sed 's/%//' "
|
||||
become: no
|
||||
register: df_output
|
||||
|
||||
- name: Verify /var space
|
||||
assert:
|
||||
that:
|
||||
- 90 > {{ df_output.stdout }}
|
||||
fail_msg: "Not enough free space"
|
||||
|
||||
- apt:
|
||||
name: python-apt
|
||||
state: present
|
||||
|
||||
- name: apt dist-upgrade
|
||||
apt:
|
||||
update_cache: yes
|
||||
upgrade: dist
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Replace repo
|
||||
command: "sed -i 's/{{ oldmajor }}/{{ newmajor }}/g' /etc/apt/sources.list"
|
||||
become: yes
|
||||
|
||||
- name: Update packages
|
||||
apt:
|
||||
upgrade: full
|
||||
update_cache: yes
|
||||
autoremove: yes
|
||||
autoclean: yes
|
||||
ignore_errors: yes
|
||||
|
||||
# - name: Perform firmware-update
|
||||
# command: rpi-update
|
||||
# become: yes
|
||||
|
||||
- reboot:
|
||||
|
||||
- wait_for_connection:
|
|
@ -0,0 +1,29 @@
|
|||
# ---
|
||||
# one-role.yml
|
||||
#
|
||||
# Test a single role against a host or group of hosts.
|
||||
#
|
||||
# Parameters:
|
||||
# targets: group in the inventory to use
|
||||
# threads: number of simultaneous executions
|
||||
# role: role to run
|
||||
# sshport (optional): override 22/tcp/ssh for Ansible control
|
||||
#
|
||||
# Expects ANSIBLE_VAULT_FILE to be set in the environment to path the vault
|
||||
# Also set ANSIBLE_VAULT_PASSWORD_FILE to your password file location if you want it.
|
||||
#
|
||||
- hosts: "{{ targets | default('all') }}"
|
||||
order: sorted
|
||||
serial: "{{ threads | default('8') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars:
|
||||
ansible_ssh_port: "{{ sshport | default('22') }}"
|
||||
therole: "{{ role | default('Uptime') }}"
|
||||
ansible_become_password: "{{ passwords[inventory_hostname] }}"
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
|
||||
roles:
|
||||
- "{{ therole }}"
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
# patching.yml
|
||||
#
|
||||
# Variables:
|
||||
# - hosts: what hosts in the inventory to use
|
||||
# - threads: how many to check in parallel
|
||||
- hosts: "{{ hosts | default('managed') }}"
|
||||
order: sorted
|
||||
serial: "{{ threads | default('4') }}"
|
||||
ignore_unreachable: true
|
||||
vars:
|
||||
ansible_become: no
|
||||
tasks:
|
||||
|
||||
- name: Check updates
|
||||
yum:
|
||||
list=updates
|
||||
update_cache=true
|
||||
ignore_errors: true
|
||||
register: yumupdates
|
||||
|
||||
- name: Patching succeeded
|
||||
ignore_errors: true
|
||||
assert:
|
||||
that:
|
||||
- yumupdates.results|length == 0
|
||||
- df_output.stdout is search("rhel-7-server-rpms-nist")
|
|
@ -0,0 +1,44 @@
|
|||
---
|
||||
# patching.yml
|
||||
#
|
||||
# This playbook can be used to patch all the servers in an inventory to the latest software available.
|
||||
# Because we typically encrypt our disk storage, we don't wait for the connection to become available again.
|
||||
# Variables:
|
||||
# - target: the host grouper in the inventory -- default: all
|
||||
#
|
||||
# Patch then restart a node
|
||||
#
|
||||
#
|
||||
- hosts: physical,virtual
|
||||
order: sorted
|
||||
serial: 4
|
||||
vars:
|
||||
ansible_become: yes
|
||||
ansible_become_method: sudo
|
||||
tasks:
|
||||
- package:
|
||||
name: archlinux-keyring
|
||||
state: latest
|
||||
|
||||
- hosts: virtual,geth-hubs
|
||||
order: sorted
|
||||
serial: 4
|
||||
vars:
|
||||
ansible_become: yes
|
||||
ansible_become_method: sudo
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
roles:
|
||||
- patching
|
||||
|
||||
- hosts: physical
|
||||
order: sorted
|
||||
ignore_unreachable: true
|
||||
serial: 4
|
||||
vars:
|
||||
ansible_become: yes
|
||||
ansible_become_method: sudo
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
roles:
|
||||
- patching
|
|
@ -0,0 +1 @@
|
|||
../roles/
|
|
@ -0,0 +1,39 @@
|
|||
# ---
|
||||
# sshkey.yml
|
||||
#
|
||||
# ssh-keyscan and copy your SSH key to hosts
|
||||
#
|
||||
# Parameters:
|
||||
# targets: group in the inventory to use
|
||||
# threads: number of simultaneous executions
|
||||
# pubkey: file to hand off
|
||||
# sshport (optional): override 22/tcp/ssh for Ansible control
|
||||
#
|
||||
# Expects ANSIBLE_VAULT_FILE to be set in the environment to path the vault
|
||||
#
|
||||
- hosts: "{{ targets | default('managed') }}"
|
||||
order: sorted
|
||||
serial: "{{ threads | default('8') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars:
|
||||
ansible_ssh_password: "{{ passwords[inventory_hostname] }}"
|
||||
ansible_ssh_port: "{{ sshport | default('22') }}"
|
||||
keyfile: "{{ pubkey | default(lookup('env','HOME') + '/.ssh/id_ed25519.pub') }}"
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
|
||||
tasks:
|
||||
# Scanning SSH keys has been replaced with ../bin/generate-ssh-keyscan
|
||||
|
||||
- name: Get key
|
||||
delegate_to: localhost
|
||||
command: "cat {{ keyfile }}"
|
||||
register: key
|
||||
|
||||
- authorized_key:
|
||||
user: "{{ ansible_user_id }}"
|
||||
key: "{{ key.stdout }}"
|
||||
state: present
|
||||
exclusive: true
|
||||
name: "Pass authorized key"
|
|
@ -0,0 +1,28 @@
|
|||
# ---
|
||||
# one-role.yml
|
||||
#
|
||||
# Test a single role against a host or group of hosts.
|
||||
#
|
||||
# Parameters:
|
||||
# targets: group in the inventory to use
|
||||
# threads: number of simultaneous executions
|
||||
# variablename: the variable to print
|
||||
# sshport (optional): override 22/tcp/ssh for Ansible control
|
||||
#
|
||||
# Expects ANSIBLE_VAULT_FILE to be set in the environment to path the vault
|
||||
# Also set ANSIBLE_VAULT_PASSWORD_FILE to your password file location if you want it.
|
||||
#
|
||||
- hosts: "{{ targets | default('managed') }}"
|
||||
order: sorted
|
||||
serial: "{{ threads | default('8') }}"
|
||||
gather_facts: true
|
||||
ignore_unreachable: true
|
||||
vars:
|
||||
ansible_ssh_port: "{{ sshport | default('22') }}"
|
||||
variablename: "{{ variable | default('ansible_os_family') }}"
|
||||
vars_files:
|
||||
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
|
||||
|
||||
tasks:
|
||||
- debug:
|
||||
msg: "{{ lookup('vars',variablename) | default('undefined') }}"
|
|
@ -0,0 +1,58 @@
|
|||
#!/usr/bin/bash
|
||||
|
||||
# File: find-bad-ipam
|
||||
#
|
||||
# Description: This file finds bad IPAM entries in an inventory.
|
||||
#
|
||||
# Package: AniNIX/Ubiqtorate
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <ircs://aninix.net:6697/DarkFeather>
|
||||
|
||||
file="examples/msn0.yml"
|
||||
|
||||
function findBadTerm() {
|
||||
### Check for a term to be duplicated.
|
||||
# param file: the file
|
||||
# param term: the term to search for duplicates
|
||||
file="$1"
|
||||
term="$2"
|
||||
results="$(grep -i "$term:" "$file" | tr '[[:upper:]]' '[[:lower:]]' | sed 's/\s+'"$term"':\s*//' | sort | uniq -c | grep -vE '^\s+1\s+' )"
|
||||
|
||||
if [ -n "$results" ]; then
|
||||
echo "Some ${term} entries are duplicated. Search for the above terms in your inventory and deduplicate."
|
||||
echo "$results"
|
||||
exit 2
|
||||
fi
|
||||
}
|
||||
|
||||
function Usage() {
|
||||
### Helptext
|
||||
# param retcode: what to return
|
||||
retcode="$1"
|
||||
echo "Usage: $0 -f SOMEFILE"
|
||||
echo " $0 -h"
|
||||
echo "Add -v for verbosity."
|
||||
exit $retcode
|
||||
}
|
||||
|
||||
while getopts 'f:hv' OPTION; do
|
||||
### Parse arguments
|
||||
case "$OPTION" in
|
||||
f) file="$OPTARG" ;;
|
||||
h) echo "Find bad IPAM entries in an inventory." ; Usage 0 ;;
|
||||
v) set -x ;;
|
||||
*) Usage 1 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Sanity check
|
||||
if [ -z "$file" ] || [ ! -f "$file" ]; then
|
||||
echo Need an inventory to process.
|
||||
Usage 3;
|
||||
fi
|
||||
|
||||
# Check for the unique attributes.
|
||||
for i in ip vnc mac; do
|
||||
findBadTerm "$file" "$i"
|
||||
done
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
|
||||
result="$(find roles/*/{files,templates} -type f -exec file {} \; | grep -Ev ASCII\ text\|empty\|Unicode\ text | grep -v motd.txt.j2)"
|
||||
if [ -n "$result" ]; then
|
||||
echo "These files need to be evaluated -- generally, don't commit data files to Git."
|
||||
echo "$result"
|
||||
exit 1
|
||||
fi
|
||||
exit 0
|
|
@ -0,0 +1,12 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Limit files in git to 1M.
|
||||
IFS="
|
||||
"
|
||||
git ls-files | xargs -n1 du -k | grep -vE '^[[:digit:]]?[[:digit:]]?[[:digit:]][[:space:]]|venv|\s./.git/'
|
||||
|
||||
if [ $? -ne 1 ]; then
|
||||
echo
|
||||
echo "These files are probably larger than you want to commit to Git. Please try to find an alternate delivery path, such as a CDN or Git-LFS."
|
||||
exit 1;
|
||||
fi
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
retcode=0
|
||||
for host in `ansible -i "examples/msn0.yml" --list-hosts managed | grep -v ' hosts '`; do
|
||||
if [ ! -f roles/ShadowArch/files/motd/"$host" ]; then
|
||||
echo "Need MOTD for $host"
|
||||
retcode=1;
|
||||
fi
|
||||
if [ ! -f roles/Sharingan/files/monit/hostdefs/"$host" ]; then
|
||||
echo "Need Sharingan-Data file for $host"
|
||||
retcode=1;
|
||||
fi
|
||||
done
|
||||
exit $retcode
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Ignore Ansibilized templates.
|
||||
saferegex='\{\{.+\}\}|secrets\['
|
||||
# Ignore comments
|
||||
saferegex="$saferegex"'|^[a-z,A-Z,0-9,_,-,/,.]+:\s*;|^[a-z,A-Z,0-9,_,-,/,.]+:\s*#|^[a-z,A-Z,0-9,_,-,/,.]+:\s*//|\s+[/]?[*][/]?\s+'
|
||||
# AniNIX Constructs
|
||||
saferegex="$saferegex"'|password.aninix.net|aur.list'
|
||||
# Web constructs
|
||||
saferegex="$saferegex"'|.css:|.html:|.md:|htdocs|htpasswd'
|
||||
# Ignore template text to set policy
|
||||
saferegex="$saferegex"'|_LENGTH|Set new|attempt|pwdchange'
|
||||
# haveibeenpwned is referenced in comments
|
||||
saferegex="$saferegex"'|haveibeenpwned'
|
||||
# Unset variables.
|
||||
saferegex="$saferegex"'|\s+=\s*$|\s+yes$|\s+no$'
|
||||
# Ignore LDAP attributes
|
||||
saferegex="$saferegex"'|pwpolicies|pwdLastSuccess|pwdAttribute|pwdMaxAge|pwdExpireWarning|pwdInHistory|pwdCheckQuality|pwdMaxFailure|pwdLockout|pwdLockoutDuration|pwdGraceAuthNLimit|pwdFailureCountInterval|pwdMustChange|pwdMinLength|pwdAllowUserChange|pwdSafeModify|pwdChangedTime|pwdPolicy|last changed their password on|/root/.ldappass'
|
||||
# Ignore IRC Modules
|
||||
saferegex="$saferegex"'|m_password_hash.so|/quote ns identify|SELECT|password_attribute|SET PASS|SASET PASS'
|
||||
# Ignore SSH known hosts
|
||||
saferegex="$saferegex""|ssh_known_hosts:|"
|
||||
|
||||
git ls-files roles/*/{files,templates} | xargs grep -irE 'secret|password|pw|passphrase|pass=' | grep -vE "$saferegex"
|
||||
if [ $? -ne 1 ]; then
|
||||
echo
|
||||
echo If these are false positives, you need to add the signature to the whitelist in $0.
|
||||
echo Otherwise, convert any files above to templates and encode the passphrase into your vault.
|
||||
exit 1;
|
||||
fi
|
|
@ -0,0 +1,4 @@
|
|||
pyaml
|
||||
pytest
|
||||
python3-nmap
|
||||
simplejson
|
|
@ -0,0 +1,15 @@
|
|||
Cyberbrain is a way to ensure that so long as a person is connected to the Internet and authorized, they're able to connect to, use, and control the AniNIX. It's a web-based shell emulator for connecting to the system. It can serve as an alternative to using the [Terminal & SSH add-on](https://www.home-assistant.io/common-tasks/supervised/#installing-and-using-the-ssh-add-on-requires-enabling-advanced-mode-for-the-ha-user) for [AniNIX/Geth](../Geth/) in cases where a separate security posture is needed for each.
|
||||
|
||||
**Warning**: This is a fallback measure -- browsers are still inherently less secure than hard clients like [Git Bash](https://git-scm.com/download/win) or [OpenSSH](https://www.openssh.com/portable.html).
|
||||
|
||||
# Etymology
|
||||
A [cyberbrain](https://ghostintheshell.fandom.com/wiki/Cyberbrain) is a concept from the series *Ghost in the Shell*. It's the integration of a normal brain with electronic, usually networked components. Similarly, this app serves as a core bridge between the shell environment of the AniNIX and any authorized user.
|
||||
|
||||
# Relevant Files and Software
|
||||
This service uses a file, [/etc/conf.d/webssh](file:///etc/conf.d/webssh), to control the service. Additionally, there's a password file [/opt/openresty/nginx/passwords/cyberbrain.htpasswd](file:///opt/openresty/nginx/passwords/cyberbrain.htpasswd) that controls an initial authentication to the webserver socket.
|
||||
|
||||
## Backups
|
||||
No backup is needed.
|
||||
|
||||
# Available Clients
|
||||
This uses the same clients as [AniNIX/WebServer](../WebServer). Any browser will do.
|
|
@ -0,0 +1,22 @@
|
|||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name cyberbrain.aninix.net;
|
||||
|
||||
include sec.conf;
|
||||
include default.csp.conf;
|
||||
include letsencrypt.conf;
|
||||
|
||||
location /
|
||||
{
|
||||
auth_basic "Cyberbrain";
|
||||
auth_basic_user_file ../passwords/cyberbrain.htpasswd;
|
||||
proxy_pass http://127.0.0.1:8822;
|
||||
proxy_http_version 1.1;
|
||||
proxy_read_timeout 300;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Real-PORT $remote_port;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
[Unit]
|
||||
Description=AniNIX/Cyberbrain | SSH Web Front End, powered by python-webssh
|
||||
|
||||
[Service]
|
||||
User=webssh
|
||||
EnvironmentFile=/etc/conf.d/webssh
|
||||
ExecStart=/usr/bin/wssh $WEBSSH_ARGS
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,71 @@
|
|||
---
|
||||
- name: Install python-webssh
|
||||
become: yes
|
||||
package:
|
||||
name: python-webssh
|
||||
state: present
|
||||
|
||||
- name: Standardize the servicefile
|
||||
become: yes
|
||||
register: servicefile
|
||||
copy:
|
||||
src: cyberbrain.service
|
||||
dest: /usr/lib/systemd/system/cyberbrain.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Ensure default webssh service file is off.
|
||||
become: yes
|
||||
service:
|
||||
name: webssh
|
||||
state: stopped
|
||||
enabled: no
|
||||
|
||||
- systemd:
|
||||
daemon_reload: true
|
||||
when: servicefile.changed
|
||||
become: yes
|
||||
|
||||
- name: Ensure service is restarted
|
||||
when: servicefile.changed
|
||||
become: yes
|
||||
service:
|
||||
name: cyberbrain.service
|
||||
enabled: yes
|
||||
state: started
|
||||
|
||||
- name: Ensure service is started
|
||||
when: not servicefile.changed
|
||||
become: yes
|
||||
service:
|
||||
name: cyberbrain.service
|
||||
enabled: yes
|
||||
state: started
|
||||
|
||||
- name: Add the webserver conf file
|
||||
become: yes
|
||||
register: webserver_conf
|
||||
copy:
|
||||
src: cyberbrain.conf
|
||||
dest: /opt/openresty/nginx/conf.d/cyberbrain.conf
|
||||
owner: root
|
||||
group: http
|
||||
mode: 0750
|
||||
|
||||
- name: Ensure the password file is seeded
|
||||
become: yes
|
||||
template:
|
||||
src: cyberbrain.htpasswd.j2
|
||||
dest: /opt/openresty/nginx/passwords/cyberbrain.htpasswd
|
||||
owner: root
|
||||
group: http
|
||||
mode: 0750
|
||||
|
||||
- name: Reload openresty
|
||||
become: yes
|
||||
when: webserver_conf.changed
|
||||
service:
|
||||
name: openresty.service
|
||||
state: reloaded
|
||||
|
|
@ -0,0 +1 @@
|
|||
cyberbrain:{PLAIN}{{ passwords.Cyberbrain }}
|
|
@ -0,0 +1,27 @@
|
|||
The DarkNet VM is the privacy protection of the AniNIX. The AniNIX does not believe in security by obscurity or in censorship; as such, everyone should have a voice. VPN access is an assurance to content despite censorship and obfuscation for cases where free speech would normally come with some form of repercussions, despite the UN standards for human rights.
|
||||
|
||||
# Etymology
|
||||
The DarkNet is named for an anonymous network whose access is controlled only by the admins and whose usage is known only to them. It's entirely closed and anonymous.
|
||||
|
||||
# Capacity and Components
|
||||
A basic VM to provide DarkNet functionality in an AniNIX replica only needs the following resources:
|
||||
* [ShadowArch](/AniNIX/ShadowArch)
|
||||
* 1 core
|
||||
* 1024M of RAM
|
||||
* Virtualized NIC
|
||||
* 150G of storage for any [AniNIX/WolfPack](/AniNIX/WolfPack) downloads, preferably on a unique physical harddrive that can be pulled and drilled
|
||||
|
||||
# Hosted Services
|
||||
The DarkNet uses a small package list. It uses a couple services to achieve its goals. First, it uses [NordVPN](http://nordvpn.com/) to protect all traffic -- very simply, all one has to do to connect to the VPN is to run `nordvpn connect` and provide your login credentials to the service. We also use TOR for further anonymity -- torsocks and tor-browser-en provide functionality to cover that.
|
||||
|
||||
We recommend whitelisting your replica's subnet so that NordVPN doesn't see local traffic and services like log aggregation and administration can happen without exposing access across the VPN.
|
||||
```
|
||||
nordvpn whitelist add subnet $subnet/$cidr
|
||||
```
|
||||
|
||||
## Abilities
|
||||
* Encrypted storage by default to a passphrase known only to admins.
|
||||
* Tor proxy service, integrated with both text lynx and GUI tor-browser-en browsers.
|
||||
* Lynx is aliased to "torsocks lynx" globally
|
||||
* Anonymous VPN via NordVPN
|
||||
|
|
@ -0,0 +1,67 @@
|
|||
---
|
||||
|
||||
- name: DarkNet packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- deluge
|
||||
- deluge-gtk
|
||||
- openvpn
|
||||
- nordvpn-bin
|
||||
- tor
|
||||
- torsocks
|
||||
- tor-browser-en
|
||||
|
||||
- name: OpenVPN config
|
||||
become: yes
|
||||
get_url:
|
||||
url: "{{ secrets.DarkNet.vpnserver }}"
|
||||
dest: /etc/openvpn/client/darknet.conf
|
||||
mode: 0600
|
||||
owner: openvpn
|
||||
group: network
|
||||
|
||||
- name: OpenVPN Auth part 1
|
||||
become: yes
|
||||
lineinfile:
|
||||
path: /etc/openvpn/client/darknet.conf
|
||||
regexp: ^auth-user-pass
|
||||
line: auth-user-pass /etc/openvpn/client/darknet.auth
|
||||
|
||||
- name: OpenVPN Auth part 2
|
||||
become: yes
|
||||
lineinfile:
|
||||
path: /etc/openvpn/client/darknet.conf
|
||||
regexp: ^dev
|
||||
line: dev tun0
|
||||
|
||||
- name: OpenVPN Auth part 3
|
||||
become: yes
|
||||
copy:
|
||||
dest: /etc/openvpn/client/darknet.auth
|
||||
content: "{{ secrets.DarkNet.token }}"
|
||||
mode: 0600
|
||||
owner: openvpn
|
||||
group: network
|
||||
|
||||
- name: "Enable daemons"
|
||||
become: yes
|
||||
service:
|
||||
name: "{{ item }}"
|
||||
state: started
|
||||
enabled: yes
|
||||
loop:
|
||||
- tor.service
|
||||
- nordvpnd.service
|
||||
- deluged.service
|
||||
- openvpn-client@darknet.service
|
||||
|
||||
- name: BashRC customization
|
||||
become: yes
|
||||
copy:
|
||||
dest: /etc/profile.d/darknet
|
||||
content: |
|
||||
alias torlynx='torsocks elinks https://check.torproject.org/'
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
# Consider https://blackarch.org/blackarch-guide-en.pdf
|
||||
- name: Install DedSec packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- tcpdump
|
||||
- wireshark
|
|
@ -0,0 +1,65 @@
|
|||
The Foundation is a one-stop shop for source code from AniNIX developers -- it's an open repository form which people can pull source code and recreate the entities being used by the AniNIX. You can view its web frontend from [https://aninix.net/foundation this webpage].
|
||||
|
||||
# Etymology
|
||||
The etymology of the Foundation is twofold. First and foremost, the AniNIX attempts to automate any new package it is using as much as possible, and as such the Foundation holds the very basis on which the AniNIX is built.
|
||||
|
||||
Secondly, the Foundation is the third piece of the charity trinity for the AniNIX, along with the Wiki and the [https://aninix.net/pages/charity.php short-term charity projects]. The AniNIX puts a lot of time into designing its projects and making sure they work. Rather than forcing others to redo this work, we offer commented code and documentation so that the process is transparent but the work-by-hand is minimized.[[Category:Charity]]
|
||||
|
||||
# Relevant Files and Software
|
||||
The Git system was created by the Linux project to manage changes to the kernel and has been on the rise for some time among Version Control Systems (VCS's) with projects like GitHub. The AniNIX self-hosts the repositories in [file:///srv/foundation/ the Foundation server folder] on [[Core]].
|
||||
|
||||
[[WebServer]] is configured to translate the repository to [https://aninix.net/foundation/ the Web-accessible format] via the ArchLinux cgit package. Review the package list at that link and identify the source packages you want to use. Then use the following to clone the source, generally best done to /usr/local/src/ on Linux. Please note that the AniNIX uses Webserver translation to eliminate the need for a .git suffix -- web requests will show in CGIT, while Git clone requests will pull the package all from the same URL. Right-click on your package of choice from the web interface's index page and then clone that address. <pre>
|
||||
git clone https://aninix.net/foundation/<packagename>
|
||||
</pre>
|
||||
|
||||
New packages should make sure to refer to the [[Development Best Practices]] to ensure they are compliant with standards; if you notice an issue with the Foundation's code, make sure to submit a [[QANs|QAN]]. [[TeamGreen|AniNIX::TeamGreen]] should be running regressions on these projects.
|
||||
|
||||
You can use [https://aur.archlinux.org/packages/hexedit-advanced-search/ Hexedit] to edit [file:///usr/share/webapps/cgit/cgit.cgi cgit.cgi] to have a different name, such as "AniNIX::Foundation Web".
|
||||
|
||||
## Dependencies
|
||||
For CentOS, one needs to use the following steps to install Mono. Packages like Cryptoworkbench, Heartbeat, Cerberus, and others require this.
|
||||
* yum install bison gettext glib2 freetype fontconfig libpng libpng-devel libX11 libX11-devel glib2-devel libgdi* libexif glibc-devel urw-fonts java unzip gcc gcc-c++ automake autoconf libtool make bzip2 wget
|
||||
* [https://download.mono-project.com/sources/mono/ Download Mono source]
|
||||
* tar xjvf the source package
|
||||
* configure; make; make install
|
||||
|
||||
*Note:* We used to declare the INSTALLER variable at the top of Makefiles, but no longer do. Non-ShadowArch installs should double check dependencies against the PKGBUILD files manually. We will try to keep this list short.
|
||||
|
||||
# Available Clients
|
||||
To get a client to access the Foundation, use one of the following or visit
|
||||
* ArchLinux: pacman -S git
|
||||
* Ubuntu: apt-get install git
|
||||
* RHEL/CentOS: yum install git
|
||||
* Windows: [https://git-scm.com/download/win Go here], but please be aware that file paths and such are coded for Linux. Windows users will need to conduct extensive code review to install these packages.
|
||||
* Mac: [https://git-scm.com/download/mac Go here]
|
||||
|
||||
Each package will need to be checked out individually.
|
||||
|
||||
**Alternatively**: ArchLinux users can add the following segment to the bottom of pacman.conf to install the packages as bundled by the AniNIX. We're working on adding GPG signing -- in the meantime, security-conscious users should build from source anyway.
|
||||
<pre>
|
||||
[AniNIX::Foundation]
|
||||
SigLevel = Optional TrustAll
|
||||
Server = https://aninix.net/foundation/
|
||||
</pre>
|
||||
|
||||
# Equivalents or Competition
|
||||
The most famous equivalent is [https://github.com GitHub]. Other source code control systems exist, including some provided by employers or academic institutions -- GitLab provides an enterprise-style implementation. Other protocol implementations vary widely -- Mercurial, Bazaar, and SVN are other revision control systems others use. We appreciate the flexibility of Git.
|
||||
|
||||
# Additional Reference
|
||||
Some core Git tools are leveraged in specific ways for the AniNIX.
|
||||
|
||||
## Config for Author
|
||||
Even though the [[Talk:IRC#Why_Not_SMTP|AniNIX doesn't use SMTP]], we still use the @aninix.net suffix for the user.email config property on branches. All commits, therefore, should have the proper-case of the user's [[IRC|AniNIX::IRC]] handle as the user.name attribute, and the lower-cased username followed by @aninix.net for the user.email attribute.
|
||||
|
||||
## Tags for Semantic Versioning
|
||||
We version our projects according to [https://semver.org/ Semantic Versioning] -- this versioning is established using the git tag as major and minor version, the git commit as the patch, and the number of commits since the tag as the ArchLinux release note.
|
||||
|
||||
[https://aninix.net/cgit/cgit.cgi/HelloWorld/tree/PKGBUILD Our HelloWorld PKGBUILD] demonstrates this -- most of the metadata for the package is populated directly by git, and only dependencies are tracked in the PKGBUILD itself.
|
||||
|
||||
## Branches for Functional Improvements
|
||||
All major functional improvements being worked should be tracked in a branch. The branch name should be the same as the [[QANs|QAN]] for which the branch was started or the functional concept's shortname.
|
||||
|
||||
## Filter-branch to Prune
|
||||
Git maintains a history of all files. If you need to remove files permanently, GitHub maintains [https://help.github.com/articles/removing-sensitive-data-from-a-repository/ an article] on how to use "git filter-branch" to purge it.
|
||||
}}
|
||||
[[Category:Public_Service]]
|
|
@ -0,0 +1,64 @@
|
|||
#!/bin/bash
|
||||
|
||||
URI=https://aninix.net/assets/css/theme-arc-green.css
|
||||
|
||||
# Gitea arc-green palette
|
||||
BOLDTEXT='#87ab63'
|
||||
TEXT='#9e9e9e'
|
||||
BGCOLOR='#383c4a'
|
||||
ACCENTBG='#353945'
|
||||
HEADERBG='#404552'
|
||||
ROW='#2a2e3a'
|
||||
HOVER='#a0cc75'
|
||||
NAV='#2e323e'
|
||||
|
||||
# AniNIX palette
|
||||
ANINIXBOLD='#df0000'
|
||||
ANINIXTEXT='#ffffff'
|
||||
ANINIXBG='#000000'
|
||||
ANINIXACCENTBG='#303030'
|
||||
ANINIXHEADERBG='#151515'
|
||||
ANINIXROW='#2a2a2a'
|
||||
ANINIXHOVER='#af0000'
|
||||
ANINIXNAV='#000000'
|
||||
|
||||
(curl -ks "$URI"; echo; echo ".home a {
|
||||
color: $ANINIXBOLD;
|
||||
}
|
||||
.bounding {
|
||||
border: 1px solid #FFF;
|
||||
border-radius: 15px;
|
||||
margin: 0;
|
||||
margin-top: 20px;
|
||||
padding: 10px;
|
||||
background-color: #000;
|
||||
margin-bottom: 30px;
|
||||
display: block;
|
||||
}
|
||||
|
||||
body {
|
||||
background-color: $ANINIXBG;
|
||||
color: $ANINIXTEXT;
|
||||
}
|
||||
|
||||
a {
|
||||
color: $ANINIXBOLD;
|
||||
}
|
||||
") \
|
||||
| sed "s/$BOLDTEXT/$ANINIXBOLD/gI" \
|
||||
| sed "s/$TEXT/$ANINIXTEXT/gI" \
|
||||
| sed "s/$ACCENTBG/$ANINIXACCENTBG/gI" \
|
||||
| sed "s/$HEADERBG/$ANINIXHEADERBG/gI" \
|
||||
| sed "s/$ROW/$ANINIXROW/gI" \
|
||||
| sed "s/$NAV/$ANINIXNAV/gI" \
|
||||
| sed "s/$HOVER/$ANINIXHOVER/gI" \
|
||||
| sed "s/$BGCOLOR/$ANINIXBG/gI" > /var/lib/gitea/custom/public/css/theme-aninix.css
|
||||
|
||||
cd /var/lib/gitea/web-snippets
|
||||
head="$(curl -ks https://aninix.net/ | grep -B 99999 -E '^<div class="home"')"
|
||||
foot="$(curl -ks https://aninix.net/ | grep -A 99999 -E '<footer>')"
|
||||
for i in `find . -type f`; do
|
||||
(echo "$head"
|
||||
cat "$i"
|
||||
echo "$foot") > /var/lib/gitea/custom/public/"$i".html
|
||||
done
|
|
@ -0,0 +1,32 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Build a sitemap dynamically.
|
||||
* Update Gitea's sitemap with: `php ./sitemap.php > /var/lib/gitea/custom/sitemap.xml`
|
||||
*
|
||||
* Builds according to https://www.sitemaps.org/protocol.html
|
||||
*/
|
||||
|
||||
/* Globals */
|
||||
$path="/srv/http/aninix.net/";
|
||||
|
||||
echo '<?xml version="1.0" encoding="UTF-8"?>
|
||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
|
||||
';
|
||||
|
||||
exec("(echo /srv/http/aninix.net/index.php; find /srv/http/aninix.net/pages -type f; find /srv/http/aninix.net/martialarts/ -type f) | grep -E \.php\$ | grep -vE ^./unlisted\|^./errors/\|head.php\|foot.php\|test\|Template\|darknet", $output);
|
||||
foreach ($output as &$file) {
|
||||
echo ' <url>
|
||||
';
|
||||
echo ' <loc>https://aninix.net/'.substr($file,strlen($path)).'</loc>
|
||||
';
|
||||
echo ' <lastmod>'.date('Y-m-d',filemtime($file)).'</lastmod>
|
||||
';
|
||||
echo ' </url>
|
||||
';
|
||||
}
|
||||
|
||||
/* Print footer */
|
||||
echo '</urlset>
|
||||
';
|
||||
?>
|
|
@ -0,0 +1,7 @@
|
|||
#e11d21 Blocked ; There are functional or technical reasons this can't be implemented yet
|
||||
#eb6420 Duplicate ; Another issue or PR already describes this issue
|
||||
#bfd4f2 On-hold ; Evaluated but not enough resources to complete now
|
||||
#009800 Peer-review ; Being reviewed for quality prior to merge
|
||||
#207de5 RFC ; More information and feedback is needed
|
||||
#fbca04 Wontfix ; Not a bug -- way it works
|
||||
#9c4ac2 In-progress ; Being worked.
|
|
@ -0,0 +1,31 @@
|
|||
# http://www.wtfpl.net/about/
|
||||
|
||||
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
||||
Version 2, December 2004
|
||||
|
||||
Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
|
||||
|
||||
Everyone is permitted to copy and distribute verbatim or modified
|
||||
copies of this license document, and changing it is allowed as long
|
||||
as the name is changed.
|
||||
|
||||
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
0. You just DO WHAT THE FUCK YOU WANT TO.
|
||||
|
||||
ANINIX ADDENDUM
|
||||
|
||||
Trademark 2017 (https://aninix.net/)
|
||||
|
||||
The "AniNIX" name and |> logo are trademarked as of 2017/11/21.
|
||||
AniNIX materials may be reproduced and re-used (though you must
|
||||
contact the admins of the network to get written permission to use
|
||||
the AniNIX name or logo) so long as such reproduction or re-use
|
||||
does not inhibit the original AniNIX use of the same.
|
||||
|
||||
Attribution is appreciated for other materials but not legally
|
||||
required or necessary.
|
||||
|
||||
"AniNIX" trademark serial: 87177883
|
||||
|> Logo trademark serial: 87177887
|
|
@ -0,0 +1,472 @@
|
|||
/* Borrowed from https://rawgit.com/BenZuser/Emby-Web-Dark-Themes-CSS/master/RED/theme.css */
|
||||
/*
|
||||
_________________________________________________________________________
|
||||
------------------------- COLOR HEX & RGB CODES -------------------------
|
||||
|
||||
RED : #E81123 & (232, 17, 35)
|
||||
DARK COLOR : #94131E
|
||||
|
||||
ORANGE : #FF8000 & (255, 128, 0)
|
||||
DARK COLOR : #BF6000
|
||||
|
||||
ORANGE PLEX : #CC7B19 & (204, 123, 25)
|
||||
DARK COLOR : #B35A00
|
||||
|
||||
YELLOW : #BDBD00 & (189, 189, 0)
|
||||
DARK COLOR : #757500
|
||||
|
||||
GREEN : #52B54B & (82, 181, 75)
|
||||
DARK COLOR : #3E8437
|
||||
|
||||
BLUE : #4285F4 & (66, 133, 244)
|
||||
DARK COLOR : #0C57D6
|
||||
|
||||
BLUE DARK : #3367d6 & (51,103,214)
|
||||
BLUE DARK (DARK) : #1f4698
|
||||
|
||||
PURPLE : #673AB7 & (103, 58, 183)
|
||||
DARK COLOR : #3F2471
|
||||
|
||||
GRAY : #7F7F7F & (127, 127, 127)
|
||||
DARK COLOR : #535353
|
||||
|
||||
PINK : #F707DF & (247, 7, 223)
|
||||
DARK COLOR : #C604B3
|
||||
|
||||
*/
|
||||
/*
|
||||
_________________________________________________________________________
|
||||
----------------------- EMBY THEME : ACCENT COLORS ----------------------
|
||||
|
||||
---------- Table of Contents ----------
|
||||
|
||||
1. ACCENT COLORS
|
||||
1.1 Buttons
|
||||
1.1.1 Checkboxes
|
||||
1.1.2 Rectangles
|
||||
1.1.3 Links & Text buttons
|
||||
1.1.4 Others
|
||||
1.2 Details
|
||||
1.2.1 Circles
|
||||
1.2.2 Indicators
|
||||
1.2.3 Fonts
|
||||
1.2.4 Icons
|
||||
1.2.5 Dialogs & Action Sheets
|
||||
1.2.6 Others
|
||||
1.3 Fixes
|
||||
|
||||
2. MISCELLANEOUS MODIFICATIONS
|
||||
2.1 Buttons
|
||||
2.2 Details
|
||||
2.2.1 Scrollbars
|
||||
2.2.2 Logos
|
||||
2.2.3 Others
|
||||
2.3 Fixes
|
||||
2.3.1 Dark Colors
|
||||
|
||||
*/
|
||||
/* ------------------------ 1. ACCENT COLORS ------------------------- */
|
||||
/* ----- 1.1 Buttons ----- */
|
||||
/* 1.1.1 Checkboxes */
|
||||
.emby-checkbox:checked + span + span + .checkboxOutline > .checkboxOutlineTick {
|
||||
background-color: #E81123 !important; }
|
||||
|
||||
.emby-checkbox:checked + span + span + .checkboxOutline,
|
||||
.progressring-spiner {
|
||||
border-color: #E81123 !important; }
|
||||
|
||||
.emby-checkbox:focus + span + .emby-checkbox-focushelper {
|
||||
background-color: #E81123 !important;
|
||||
opacity: 0.26 !important; }
|
||||
|
||||
/* 1.1.2 Rectangles */
|
||||
.raised {
|
||||
background: #404040 !important;
|
||||
color: #fff !important; }
|
||||
|
||||
.button-submit, .button-accent {
|
||||
background: #E81123 !important;
|
||||
color: #fff; }
|
||||
|
||||
.raised-mini.emby-button {
|
||||
background: #E81123 !important;
|
||||
color: #ffffff !important; }
|
||||
|
||||
/* Restart */
|
||||
.btnRestartContainer.emby-button {
|
||||
background: #E81123 !important;
|
||||
color: #fff; }
|
||||
|
||||
/* Play & Resume */
|
||||
.btnPlaySimple.emby-button {
|
||||
background: #E81123 !important;
|
||||
color: #fff; }
|
||||
|
||||
.btnResume.emby-button {
|
||||
background: #94131E !important;
|
||||
color: #fff; }
|
||||
|
||||
/* 1.1.3 Links & Text buttons */
|
||||
.button-link, .button-flat-accent, .button-accent-flat,
|
||||
.textlink {
|
||||
color: #E81123 !important; }
|
||||
|
||||
.button-link:hover, .button-flat-accent:hover,
|
||||
.button-accent-flat:hover, .textlink:hover {
|
||||
color: #9b9b9b !important; }
|
||||
|
||||
.button-link:active, .button-flat-accent:active,
|
||||
.button-accent-flat:active, .textlink:active {
|
||||
color: #94131E !important; }
|
||||
|
||||
/* Top Header */
|
||||
.emby-tab-button-active {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* 1.1.4 Others */
|
||||
/* Alpha Picker */
|
||||
.alphaPickerButton-selected, .alphaPickerButton-tv:focus {
|
||||
background-color: #E81123 !important;
|
||||
color: #fff !important; }
|
||||
|
||||
/* Radio Buttons */
|
||||
.mdl-radio__inner-circle {
|
||||
background: #E81123 !important; }
|
||||
|
||||
.mdl-radio__button:checked + .mdl-radio__label + .mdl-radio__outer-circle {
|
||||
border: 2px solid #E81123 !important; }
|
||||
|
||||
.mdl-radio__button:checked:focus + .mdl-radio__label + .mdl-radio__outer-circle + .mdl-radio__inner-circle {
|
||||
-webkit-box-shadow: 0 0 0 10px rgba(232, 17, 35, 0.26) !important;
|
||||
box-shadow: 0 0 0 10px rgba(232, 17, 35, 0.26) !important; }
|
||||
|
||||
/* Control Group Buttons */
|
||||
div[data-role="controlgroup"] a.ui-btn-active[data-role='button'] {
|
||||
background: #E81123 !important;
|
||||
color: #ffffff !important; }
|
||||
|
||||
/* ----- 1.2 Details ----- */
|
||||
/* 1.2.1 Circles */
|
||||
/*.listItemIcon:not(.listItemIcon-transparent) {
|
||||
background-color: $accent-color !important; }*/
|
||||
.dashboardSection i.listItemIcon.md-icon {
|
||||
background-color: #E81123 !important; }
|
||||
|
||||
.scheduledTaskPaperIconItem[data-status="Running"] i.listItemIcon.md-icon {
|
||||
background-color: #94131E !important; }
|
||||
|
||||
/* Focus Helper circles */
|
||||
.paper-icon-button-light:focus {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* 1.2.2 Indicators */
|
||||
.countIndicator, .playedIndicator {
|
||||
background: #E81123 !important; }
|
||||
|
||||
.levelNormal {
|
||||
background-color: #E81123 !important; }
|
||||
|
||||
.fullSyncIndicator {
|
||||
background: #E81123 !important;
|
||||
color: #fff; }
|
||||
|
||||
.playstatebutton-played i, .ratingbutton-withrating i {
|
||||
color: #E81123 !important; }
|
||||
|
||||
p#pUpToDate i.md-icon {
|
||||
background-color: #E81123 !important; }
|
||||
|
||||
/* Loading Spinners */
|
||||
.mdl-spinner__layer-1, .mdl-spinner__layer-2, .mdl-spinner__layer-3,
|
||||
.mdl-spinner__layer-4 {
|
||||
border-color: #E81123 !important; }
|
||||
|
||||
.progressring-spiner {
|
||||
border: 0.25em solid #E81123 !important; }
|
||||
|
||||
/* 1.2.3 Fonts */
|
||||
.selectLabelFocused, .textareaLabelFocused, .inputLabelFocused {
|
||||
color: #E81123 !important; }
|
||||
|
||||
.secondary.listItemBodyText span, div#divRunningTasks span {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* 1.2.4 Icons */
|
||||
.starIcon, .mediaInfoTimerIcon {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* Top Header */
|
||||
.btnActiveCast {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* Now Playing Bar & Now Playing Page */
|
||||
.repeatActive,
|
||||
button.btnCommand.repeatToggleButton.autoSize.nowPlayingPageRepeatActive {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* 1.2.5 Dialogs & Action Sheets */
|
||||
/* 1.2.6 Others */
|
||||
/* General Accent Color Modifications */
|
||||
:focus {
|
||||
outline: #E81123 auto 5px; }
|
||||
|
||||
select:focus {
|
||||
border-color: #E81123 !important; }
|
||||
|
||||
::selection {
|
||||
background-color: #94131E !important; }
|
||||
|
||||
.emby-input:focus, .emby-textarea:focus {
|
||||
border-color: #E81123 !important; }
|
||||
|
||||
/* Google Now Playing Bar & Now Playing Page */
|
||||
.iconOsdProgressInner, .mdl-slider__background-lower, .sliderBubble,
|
||||
.mdl-slider::-webkit-slider-thumb {
|
||||
background: #E81123 !important; }
|
||||
|
||||
.mdl-slider:focus::-webkit-slider-thumb {
|
||||
-webkit-box-shadow: 0 0 0 10px rgba(232, 17, 35, 0.26);
|
||||
box-shadow: 0 0 0 10px rgba(232, 17, 35, 0.26) !important; }
|
||||
|
||||
/* Firefox Now Playing Bar & Now Playing Page */
|
||||
.mdl-slider::-moz-range-thumb, .mdl-slider::-moz-range-progress {
|
||||
background: #E81123 !important; }
|
||||
|
||||
.mdl-slider:focus::-moz-range-thumb {
|
||||
box-shadow: 0 0 0 10px rgba(232, 17, 35, 0.26) !important; }
|
||||
|
||||
/* Progress Bars */
|
||||
.itemProgressBarForeground {
|
||||
background-color: #E81123 !important; }
|
||||
|
||||
.taskProgressInner {
|
||||
background: #E81123 !important; }
|
||||
|
||||
/* Google Progress Bars */
|
||||
progress::-webkit-progress-value {
|
||||
background: #E81123 !important; }
|
||||
|
||||
/* Firefox Progress Bars */
|
||||
progress::-moz-progress-bar {
|
||||
background: #E81123 !important; }
|
||||
|
||||
/* Edge Progress Bars */
|
||||
progress {
|
||||
background: #E81123 !important; }
|
||||
|
||||
/* Main Drawers */
|
||||
.navMenuDivider {
|
||||
background: #262626 !important; }
|
||||
|
||||
.adminDrawerLogo {
|
||||
border-bottom: 1px solid #262626 !important; }
|
||||
|
||||
.mainDrawer {
|
||||
background: #181818 !important; }
|
||||
|
||||
.sidebarHeader {
|
||||
color: #bbbbbb !important; }
|
||||
|
||||
.navMenuOption {
|
||||
color: #ffffff !important; }
|
||||
|
||||
.navMenuOption.navMenuOption-selected {
|
||||
background: #252528 !important;
|
||||
color: #E81123 !important; }
|
||||
|
||||
.navMenuOption:hover {
|
||||
background: #252528 !important;
|
||||
color: #9b9b9b !important; }
|
||||
|
||||
/* Metadata Editor */
|
||||
div.jstree-wholerow.jstree-wholerow-clicked:hover,
|
||||
div.jstree-wholerow.jstree-wholerow-clicked,
|
||||
div.jstree-wholerow.jstree-wholerow-hovered {
|
||||
background: #252528 !important; }
|
||||
|
||||
.jstree-anchor.jstree-clicked,
|
||||
.jstree-anchor.jstree-clicked.jstree-hovered {
|
||||
background: #252528 !important;
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* Multi-select */
|
||||
.itemSelectionPanel {
|
||||
border: 1px solid #E81123 !important; }
|
||||
|
||||
.selectionCommandsPanel {
|
||||
background: #E81123 !important;
|
||||
color: #fff; }
|
||||
|
||||
/* upNextDialog */
|
||||
.upNextDialog-countdownText {
|
||||
color: #E81123 !important; }
|
||||
|
||||
/* Selection Bars */
|
||||
.emby-select-selectionbar, .emby-textarea-selectionbar,
|
||||
.emby-input-selectionbar {
|
||||
background-color: #E81123 !important; }
|
||||
|
||||
/* Media Info Detail Image */
|
||||
.itemDetailImage.loaded:hover {
|
||||
border: 1px solid #E81123 !important; }
|
||||
|
||||
/* 1.3 Fixes */
|
||||
/* ------------------ 2. MISCELLANEOUS MODIFICATIONS ----------------- */
|
||||
/* ----- 2.1 Buttons ----- */
|
||||
/* Circles */
|
||||
.fab {
|
||||
background-color: transparent !important;
|
||||
-webkit-box-shadow: none !important;
|
||||
box-shadow: none !important;
|
||||
-webkit-transition: none !important;
|
||||
-o-transition: none !important;
|
||||
transition: none !important; }
|
||||
|
||||
/* ----- 2.2 Details ----- */
|
||||
/* 2.2.1 Scrollbars */
|
||||
/* Google Chrome */
|
||||
::-webkit-scrollbar-corner {
|
||||
background-color: #3B3B3B; }
|
||||
|
||||
::-webkit-scrollbar {
|
||||
width: 10px;
|
||||
height: 10px;
|
||||
background-color: #3B3B3B; }
|
||||
|
||||
::-webkit-scrollbar-thumb {
|
||||
-webkit-border-radius: 2px;
|
||||
border-radius: 2px;
|
||||
background: #888888; }
|
||||
|
||||
/* Google Chrome - Dashboard Drawer */
|
||||
div.scrollContainer.smoothScrollY::-webkit-scrollbar-corner {
|
||||
background-color: transparent !important; }
|
||||
|
||||
div.scrollContainer.smoothScrollY::-webkit-scrollbar {
|
||||
width: 2px;
|
||||
height: 2px;
|
||||
background-color: transparent !important; }
|
||||
|
||||
div.scrollContainer.smoothScrollY::-webkit-scrollbar-thumb {
|
||||
-webkit-border-radius: 2px;
|
||||
border-radius: 2px;
|
||||
background: #888888; }
|
||||
|
||||
/* Google Chrome - Filter Dialog */
|
||||
.dynamicFilterDialog::-webkit-scrollbar-corner {
|
||||
background-color: transparent !important; }
|
||||
|
||||
.dynamicFilterDialog::-webkit-scrollbar {
|
||||
width: 2px;
|
||||
height: 2px;
|
||||
background-color: transparent !important; }
|
||||
|
||||
.dynamicFilterDialog::-webkit-scrollbar-thumb {
|
||||
-webkit-border-radius: 2px;
|
||||
border-radius: 2px;
|
||||
background: #888888; }
|
||||
|
||||
/* 2.2.2 Logos */
|
||||
/* Login Page */
|
||||
.imgLogoIcon {
|
||||
content: url(https://cdn.rawgit.com/BenZuser/Emby-Dark-Themes-Resources/master/images/logos-and-icons/RED/logo.png) !important; }
|
||||
|
||||
/* Main Drawer Mobile */
|
||||
.adminDrawerLogo img {
|
||||
content: url(https://cdn.rawgit.com/BenZuser/Emby-Dark-Themes-Resources/master/images/logos-and-icons/RED/logo.png) !important; }
|
||||
|
||||
/* Home Page */
|
||||
.pageTitleWithLogo {
|
||||
background-image: url(https://cdn.rawgit.com/BenZuser/Emby-Dark-Themes-Resources/master/images/logos-and-icons/RED/logo.png) !important; }
|
||||
|
||||
/* 2.2.3 Others */
|
||||
/* CSS Box */
|
||||
#txtCustomCss {
|
||||
height: 300px !important;
|
||||
overflow-y: scroll !important; }
|
||||
|
||||
/* Select Box */
|
||||
select option {
|
||||
background-color: #2b2b2b !important;
|
||||
color: #ffffff !important; }
|
||||
|
||||
/* Dialogs */
|
||||
.formDialogHeader:not(.formDialogHeader-clear),
|
||||
.formDialogFooter:not(.formDialogFooter-clear) {
|
||||
background-color: #121212 !important;
|
||||
color: #fff; }
|
||||
|
||||
/* Headers */
|
||||
.skinHeader {
|
||||
background-color: #080808 !important;
|
||||
color: #fff !important; }
|
||||
|
||||
.skinHeader-withBackground {
|
||||
background-color: #080808 !important; }
|
||||
|
||||
@supports (backdrop-filter: blur(1.5em)) or (-webkit-backdrop-filter: blur(1.5em)) {
|
||||
.skinHeader-blurred {
|
||||
background: rgba(20, 20, 20, 0.7) !important;
|
||||
-webkit-backdrop-filter: blur(1.5em) !important;
|
||||
backdrop-filter: blur(1.5em) !important; } }
|
||||
.skinHeader.semiTransparent {
|
||||
-webkit-backdrop-filter: none !important;
|
||||
backdrop-filter: none !important;
|
||||
background-color: rgba(0, 0, 0, 0.4) !important;
|
||||
background-image: -webkit-gradient(linear, left top, left bottom, color-stop(10%, rgba(0, 0, 0, 0.7)), color-stop(10%, transparent)) !important;
|
||||
background-image: -webkit-linear-gradient(top, rgba(0, 0, 0, 0.7) 10%, transparent) !important;
|
||||
background-image: -moz-linear-gradient(top, rgba(0, 0, 0, 0.7) 10%, transparent) !important;
|
||||
background-image: -o-linear-gradient(top, rgba(0, 0, 0, 0.7) 10%, transparent) !important;
|
||||
background-image: linear-gradient(to bottom, rgba(0, 0, 0, 0.7) 10%, transparent) !important; }
|
||||
|
||||
.appfooter {
|
||||
background: #080808 !important;
|
||||
color: #fff !important; }
|
||||
|
||||
@supports (backdrop-filter: blur(10px)) or (-webkit-backdrop-filter: blur(10px)) {
|
||||
.appfooter-blurred {
|
||||
background: rgba(24, 24, 24, 0.7) !important;
|
||||
-webkit-backdrop-filter: blur(20px) !important;
|
||||
backdrop-filter: blur(20px) !important; } }
|
||||
/* TV Global Modifications */
|
||||
.emby-tab-button-active.emby-button-tv {
|
||||
color: #fff !important; }
|
||||
|
||||
.guide-channelHeaderCell, .guide-channelTimeslotHeader {
|
||||
background: #2e2e2e !important; }
|
||||
|
||||
.guide-programTextIcon {
|
||||
color: #1e1e1e !important;
|
||||
background: #555 !important; }
|
||||
|
||||
.guide-headerTimeslots {
|
||||
color: #ccc !important; }
|
||||
|
||||
/* ----- 2.3 Fixes ----- */
|
||||
/* 2.3.1 Dark Colors */
|
||||
.autoorganizetable tbody tr:nth-child(odd) td, .autoorganizetable tbody tr:nth-child(odd) th {
|
||||
background-color: #222326 !important; }
|
||||
|
||||
.autoorganizetable > .table > tbody > tr {
|
||||
border: 1px solid #222326 !important; }
|
||||
|
||||
/*
|
||||
_____________________________________________________________________
|
||||
|
||||
Emby Dark Themes is maintained by Ben Z (BenZuser)
|
||||
with the contribution of Happy2Play.
|
||||
_____________________________________________________________________
|
||||
|
||||
*/
|
||||
/* TEMPORARY FIXES */
|
||||
/* Links */
|
||||
.searchSuggestionsList a, .noItemsMessage a, a.lnkPremiere {
|
||||
color: #E81123 !important; }
|
||||
|
||||
.searchSuggestionsList a:hover, .noItemsMessage a:hover,
|
||||
a.lnkPremiere:hover {
|
||||
color: #9b9b9b !important; }
|
||||
|
||||
.searchSuggestionsList a:active, .noItemsMessage a:active,
|
||||
a.lnkPremiere:active {
|
||||
color: #94131E !important; }
|
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,55 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
|
||||
<url>
|
||||
<loc>https://aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/martialarts/index.html</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://foundation.aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://foundation.aninix.net/explore/repos</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://foundation.aninix.net/AniNIX/Wiki</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://irc.aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://password.aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://maat.aninix.net/index.html</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://singularity.aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://wolfpack.aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://yggdrasil.aninix.net/</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://sharingan.aninix.net</loc>
|
||||
<lastmod>2020-09-20</lastmod>
|
||||
</url>
|
||||
<!-- Unlisted:
|
||||
lykos.aninix.net
|
||||
adhan.aninix.net
|
||||
-->
|
||||
</urlset>
|
|
@ -0,0 +1,271 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en-US" class="theme-">
|
||||
<head data-suburl="">
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<meta http-equiv="x-ua-compatible" content="ie=edge">
|
||||
<title> AniNIX </title>
|
||||
<link rel="manifest" href="/manifest.json" crossorigin="use-credentials">
|
||||
<meta name="theme-color" content="#ff0000">
|
||||
<meta name="author" content="AniNIX::Foundation" />
|
||||
<meta name="description" content="AniNIX::Foundation \\ Code, documentation, and information sharing powered by Gitea (git with a cup of tea)" />
|
||||
<meta name="keywords" content="go,git,self-hosted,gitea,aninix,aninix::foundation">
|
||||
<meta name="referrer" content="no-referrer" />
|
||||
<meta name="_csrf" content="iI1Kkrppem-yCnHGCll-UshSK6A6MTYwMDcwNjM3MTUxOTU5NzYxNg" />
|
||||
|
||||
|
||||
|
||||
|
||||
<script>
|
||||
/*
|
||||
@licstart The following is the entire license notice for the
|
||||
JavaScript code in this page.
|
||||
|
||||
Copyright (c) 2016 The Gitea Authors
|
||||
Copyright (c) 2015 The Gogs Authors
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
---
|
||||
Licensing information for additional javascript libraries can be found at:
|
||||
{{StaticUrlPrefix}}/vendor/librejs.html
|
||||
|
||||
@licend The above is the entire license notice
|
||||
for the JavaScript code in this page.
|
||||
*/
|
||||
</script>
|
||||
<script>
|
||||
window.config = {
|
||||
AppVer: '1.12.4',
|
||||
AppSubUrl: '',
|
||||
StaticUrlPrefix: '',
|
||||
UseServiceWorker: true ,
|
||||
csrf: 'iI1Kkrppem-yCnHGCll-UshSK6A6MTYwMDcwNjM3MTUxOTU5NzYxNg',
|
||||
HighlightJS: false,
|
||||
Minicolors: false,
|
||||
SimpleMDE: false,
|
||||
Tribute: false,
|
||||
U2F: false,
|
||||
Heatmap: false,
|
||||
heatmapUser: null,
|
||||
NotificationSettings: {
|
||||
MinTimeout: 10000 ,
|
||||
TimeoutStep: 10000 ,
|
||||
MaxTimeout: 60000 ,
|
||||
EventSourceUpdateTime: 10000 ,
|
||||
},
|
||||
|
||||
};
|
||||
</script>
|
||||
<link rel="shortcut icon" href="/img/favicon.png">
|
||||
<link rel="mask-icon" href="/img/gitea-safari.svg" color="#609926">
|
||||
<link rel="fluid-icon" href="/img/gitea-lg.png" title="AniNIX">
|
||||
<link rel="stylesheet" href="/vendor/assets/font-awesome/css/font-awesome.min.css">
|
||||
|
||||
|
||||
|
||||
<link rel="stylesheet" href="/fomantic/semantic.min.css?v=d8d448774563cec3783c3b65d4e914b6">
|
||||
<link rel="stylesheet" href="/css/index.css?v=d8d448774563cec3783c3b65d4e914b6">
|
||||
<noscript>
|
||||
<style>
|
||||
.dropdown:hover > .menu { display: block; }
|
||||
.ui.secondary.menu .dropdown.item > .menu { margin-top: 0; }
|
||||
</style>
|
||||
</noscript>
|
||||
|
||||
<style class="list-search-style"></style>
|
||||
|
||||
<meta property="og:title" content="AniNIX">
|
||||
<meta property="og:type" content="website" />
|
||||
<meta property="og:image" content="/img/gitea-lg.png" />
|
||||
<meta property="og:url" content="https://foundation.aninix.net/" />
|
||||
<meta property="og:description" content="AniNIX::Foundation \\ Code, documentation, and information sharing powered by Gitea (git with a cup of tea)">
|
||||
|
||||
<meta property="og:site_name" content="AniNIX" />
|
||||
|
||||
<link rel="stylesheet" href="/css/theme-aninix.css?v=d8d448774563cec3783c3b65d4e914b6">
|
||||
|
||||
<link rel="icon" type="image/png" href="/img/AniNIX.png" />
|
||||
<link rel="alternate" type="application/rss+xml" title="AniNIX::RSS" href="/aninix.xml" />
|
||||
<link rel='apple-touch-icon' sizes='180x180' href='/img/AniNIX.png' />
|
||||
<meta name='apple-mobile-web-app-capable' content='yes' />
|
||||
|
||||
</head>
|
||||
<body>
|
||||
|
||||
|
||||
<div class="full height">
|
||||
<noscript>This website works better with JavaScript.</noscript>
|
||||
|
||||
|
||||
|
||||
|
||||
<div class="ui top secondary stackable main menu following bar light">
|
||||
<div class="ui container" id="navbar">
|
||||
<div class="item brand" style="justify-content: space-between;">
|
||||
<a href="/">
|
||||
<img class="ui mini image" src="/img/gitea-sm.png">
|
||||
</a>
|
||||
<div class="ui basic icon button mobile-only" id="navbar-expand-toggle">
|
||||
<i class="sidebar icon"></i>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<a class="item active" href="/">Home</a>
|
||||
<a class="item " href="/explore/repos">Explore</a>
|
||||
|
||||
|
||||
<a class="item" target="_blank" id="chat" href="https://irc.aninix.net/">Chat</a>
|
||||
<a class="item" target="_blank" id="pwdchange" href="https://password.aninix.net/">Change Password</a>
|
||||
<a class="item" id="martialarts" href="/martialarts/">Martial Arts</a>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<a class="item" target="_blank" rel="noopener noreferrer" href="https://docs.gitea.io">Help</a>
|
||||
<div class="right stackable menu">
|
||||
|
||||
<a class="item" href="/user/sign_up">
|
||||
<svg class="svg octicon-person" width="16" height="16" aria-hidden="true"><use xlink:href="#octicon-person" /></svg> Register
|
||||
</a>
|
||||
|
||||
<a class="item" rel="nofollow" href="/user/login?redirect_to=">
|
||||
<svg class="svg octicon-sign-in" width="16" height="16" aria-hidden="true"><use xlink:href="#octicon-sign-in" /></svg> Sign In
|
||||
</a>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
|
||||
<div class="home">
|
||||
<h2>Thank you for your purchase!</h2>
|
||||
<footer>
|
||||
<div class="ui container">
|
||||
<div class="ui left">
|
||||
Powered by Gitea Page: <strong>0ms</strong> Template: <strong>0ms</strong>
|
||||
</div>
|
||||
<div class="ui right links">
|
||||
|
||||
<div class="ui language bottom floating slide up dropdown link item">
|
||||
<i class="world icon"></i>
|
||||
<div class="text">English</div>
|
||||
<div class="menu">
|
||||
|
||||
<a lang="en-US" class="item active selected" href="#">English</a>
|
||||
|
||||
<a lang="zh-CN" class="item " href="?lang=zh-CN">简体中文</a>
|
||||
|
||||
<a lang="zh-HK" class="item " href="?lang=zh-HK">繁體中文(香港)</a>
|
||||
|
||||
<a lang="zh-TW" class="item " href="?lang=zh-TW">繁體中文(台灣)</a>
|
||||
|
||||
<a lang="de-DE" class="item " href="?lang=de-DE">Deutsch</a>
|
||||
|
||||
<a lang="fr-FR" class="item " href="?lang=fr-FR">français</a>
|
||||
|
||||
<a lang="nl-NL" class="item " href="?lang=nl-NL">Nederlands</a>
|
||||
|
||||
<a lang="lv-LV" class="item " href="?lang=lv-LV">latviešu</a>
|
||||
|
||||
<a lang="ru-RU" class="item " href="?lang=ru-RU">русский</a>
|
||||
|
||||
<a lang="uk-UA" class="item " href="?lang=uk-UA">Українська</a>
|
||||
|
||||
<a lang="ja-JP" class="item " href="?lang=ja-JP">日本語</a>
|
||||
|
||||
<a lang="es-ES" class="item " href="?lang=es-ES">español</a>
|
||||
|
||||
<a lang="pt-BR" class="item " href="?lang=pt-BR">português do Brasil</a>
|
||||
|
||||
<a lang="pl-PL" class="item " href="?lang=pl-PL">polski</a>
|
||||
|
||||
<a lang="bg-BG" class="item " href="?lang=bg-BG">български</a>
|
||||
|
||||
<a lang="it-IT" class="item " href="?lang=it-IT">italiano</a>
|
||||
|
||||
<a lang="fi-FI" class="item " href="?lang=fi-FI">suomi</a>
|
||||
|
||||
<a lang="tr-TR" class="item " href="?lang=tr-TR">Türkçe</a>
|
||||
|
||||
<a lang="cs-CZ" class="item " href="?lang=cs-CZ">čeština</a>
|
||||
|
||||
<a lang="sr-SP" class="item " href="?lang=sr-SP">српски</a>
|
||||
|
||||
<a lang="sv-SE" class="item " href="?lang=sv-SE">svenska</a>
|
||||
|
||||
<a lang="ko-KR" class="item " href="?lang=ko-KR">한국어</a>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
<a href="/vendor/librejs.html" data-jslicense="1">JavaScript licenses</a>
|
||||
<a href="/api/swagger">API</a>
|
||||
<a target="_blank" rel="noopener noreferrer" href="https://gitea.io">Website</a>
|
||||
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</footer>
|
||||
|
||||
|
||||
<script src="/js/jquery.js?v=d8d448774563cec3783c3b65d4e914b6"></script>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<script src="/fomantic/semantic.min.js?v=d8d448774563cec3783c3b65d4e914b6"></script>
|
||||
<script src="/js/index.js?v=d8d448774563cec3783c3b65d4e914b6"></script>
|
||||
|
||||
<script type="text/javascript">
|
||||
var _gaq = _gaq || [];
|
||||
_gaq.push(['_setAccount', 'UA-18148792-3']);
|
||||
_gaq.push(['_trackPageview']);
|
||||
|
||||
(function() {
|
||||
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
|
||||
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
|
||||
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
|
||||
})();
|
||||
|
||||
</script>
|
||||
|
||||
<script src="https://redalert.battleforthenet.com/widget.js" async></script>
|
||||
|
||||
<script type="text/javascript">
|
||||
document.getElementsByClassName('brand')[0].children[0].children[0].src="/img/AniNIX.png";
|
||||
$('meta[property=og\\:image]').attr('content', '/img/AniNIX.png');
|
||||
$('link[rel="mask-icon"]').attr('href', '/img/AniNIX.png');
|
||||
$('link[rel="mask-icon"]').attr('color', '#000000');
|
||||
document.getElementsById("pwdchange").setAttribute("target","_blank");
|
||||
document.getElementsById("chat").setAttribute("target","_blank");
|
||||
</script>
|
||||
|
||||
|
||||
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,9 @@
|
|||
User-agent: *
|
||||
Allow: /$
|
||||
Allow: /issues
|
||||
Allow: /pulls
|
||||
Allow: /explore
|
||||
Allow: /AniNIX/
|
||||
Allow: /martialarts/
|
||||
Allow: /sitemap.xml
|
||||
Disallow: /
|
|
@ -0,0 +1,47 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
|
||||
<url>
|
||||
<loc>https://aninix.net/index.php</loc>
|
||||
<lastmod>2019-10-24</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/legal.php</loc>
|
||||
<lastmod>2018-01-24</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/wiki.php</loc>
|
||||
<lastmod>2017-05-09</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/martialarts.php</loc>
|
||||
<lastmod>2018-09-18</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/qr.php</loc>
|
||||
<lastmod>2016-11-01</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/social.php</loc>
|
||||
<lastmod>2019-10-04</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/webapps.php</loc>
|
||||
<lastmod>2018-10-11</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/downloads.php</loc>
|
||||
<lastmod>2018-04-06</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/charity.php</loc>
|
||||
<lastmod>2018-04-06</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/pages/chatroom.php</loc>
|
||||
<lastmod>2017-05-09</lastmod>
|
||||
</url>
|
||||
<url>
|
||||
<loc>https://aninix.net/martialarts/index.php</loc>
|
||||
<lastmod>2019-08-26</lastmod>
|
||||
</url>
|
||||
</urlset>
|
|
@ -0,0 +1,3 @@
|
|||
<a class="item" target="_blank" id="chat" href="https://irc.aninix.net/">Chat</a>
|
||||
<a class="item" target="_blank" id="pwdchange" href="https://password.aninix.net/">Change Password</a>
|
||||
<a class="item" id="martialarts" href="{{AppSubUrl}}/martialarts/">Martial Arts</a>
|
|
@ -0,0 +1,24 @@
|
|||
<!-- Google Analytics -->
|
||||
<script type="text/javascript">
|
||||
var _gaq = _gaq || [];
|
||||
_gaq.push(['_setAccount', 'UA-18148792-3']);
|
||||
_gaq.push(['_trackPageview']);
|
||||
|
||||
(function() {
|
||||
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
|
||||
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
|
||||
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
|
||||
})();
|
||||
|
||||
</script>
|
||||
<!-- Replace Gitea icon with AniNIX -->
|
||||
<script type="text/javascript">
|
||||
document.getElementById('navbar').children[0].children[0].children[0].src="/assets/img/AniNIX.png";
|
||||
$('meta[property=og\\:image]').attr('content', '/assets/img/AniNIX.png');
|
||||
$('link[rel="mask-icon"]').attr('href', '/assets/img/AniNIX.png');
|
||||
$('link[rel="mask-icon"]').attr('color', '#000000');
|
||||
document.getElementById("pwdchange").setAttribute("target","_blank");
|
||||
document.getElementById("chat").setAttribute("target","_blank");
|
||||
</script>
|
||||
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
<link rel="icon" type="image/png" href="/assets/img/AniNIX.png" />
|
||||
<link rel="alternate" type="application/rss+xml" title="AniNIX/RSS" href="/aninix.xml" />
|
||||
<link rel='apple-touch-icon' sizes='180x180' href='/assets/img/AniNIX.png' />
|
||||
<meta name='apple-mobile-web-app-capable' content='yes' />
|
|
@ -0,0 +1,88 @@
|
|||
{{template "base/head" .}}
|
||||
<!-- BEGIN CUSTOM HOME -->
|
||||
<div class="home">
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<div>
|
||||
<img class="logo" src="{{AppSubUrl}}/assets/img/avatar_default.png" />
|
||||
</div>
|
||||
<div class="hero">
|
||||
<h1 class="ui icon header title">
|
||||
AniNIX
|
||||
</h1>
|
||||
<h2>Welcome to the network</h2>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src='/assets/img/icons/FoundationIcon.png'/>
|
||||
<a href="https://foundation.aninix.net/explore/repos">Open source security</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
The AniNIX's primary goal is to ensure everyone has access to the knowledge they need to build a low-cost, secure platform. We make all our source-code accessible and open-source.
|
||||
</p>
|
||||
</div>
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src='/assets/img/icons/IRCIcon.png'/>
|
||||
<a href='ircs://aninix.net:6697/#lobby'>Contact us anytime</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
We run an open IRC network -- we'd love to connect with you there. Not familiar with IRC? No worries -- we have a <a href="https://irc.aninix.net/" target=_blank alt="AniNIX/IRC (Web)" id="webchat">webchat</a> available.
|
||||
</p> </div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src="/assets/img/icons/WikiIcon.png"/>
|
||||
<a href="/AniNIX/Wiki">Open documentation</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
We maintain a Wiki to document how and why we do what we do. Hopefully, it can both help others to learn more about computing and spark discussion with the community at large.
|
||||
</p>
|
||||
</div>
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20x src="/assets/img/icons/MaatIcon.png"/>
|
||||
<a href="https://maat.aninix.net/">Downloads</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
We offer downloads from our AniNIX::Maat continuous-deployment system, including static files and packages for <a href="https://archlinux.org/">ArchLinux-style distributions.</a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<hr style="margin-top: 50px;" />
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<div class="hero">
|
||||
<h2>Webapps</h2>
|
||||
<p>We host a number of web apps to make our users' lives easier.
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="four wide center column"><a title="AniNIX/Singularity" href="https://singularity.aninix.net"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" alt=RSS src="/assets/img/icons/SingularityIcon.png" /><p>AniNIX/Singularity (News powered by TT-RSS)</p></a></div>
|
||||
<div class="four wide center column"><a title="AniNIX/Yggdrasil" href="https://yggdrasil.aninix.net"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/icons/YggdrasilIcon.png" /><p>AniNIX/Yggdrasil (Media powered by Emby)</p></a></div>
|
||||
<div class="four wide center column"><a title="AniNIX/Sharingan" href="https://sharingan.aninix.net"><img src="/assets/img/icons/SharinganIcon.png" style="width: 50px; height:auto; margin: 0; padding: 0 auto;" /><p>AniNIX/Sharingan (Monitoring powered by Nagios)</p></a></div>
|
||||
<div class="four wide center column"><a title="AniNIX/WolfPack" href="https://wolfpack.aninix.net"><img src="/assets/img/icons/WolfPackIcon.png" style="width: 50px; height:auto; margin: 0; padding: 0 auto;" /><p>AniNIX/WolfPack (Botnet download results)</p></a></div>
|
||||
</div>
|
||||
</div>
|
||||
<hr style="margin-top: 50px;" />
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<div class="hero">
|
||||
<h2>Follow us on social media</h2>
|
||||
<p>We want to stay in touch with you, so we are present on the social media platforms we find applicable.<br/> Have one you want us on? Contact us and let us know!</p>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="two wide center column"><!--placeholder--><p> </p></div>
|
||||
<div class="two wide center column"><a title=AniNIX/RSS href="/assets/aninix.xml"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" alt=RSS src="/assets/img/social/rss.png" /></a></div>
|
||||
<div class="two wide center column"><a title=Discord href="https://discord.gg/2bmggfR"><img alt=Discord style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/social/discord.ico" /></a></div>
|
||||
<div class="two wide center column"><a title=GitHub href="https://github.com/AniNIX"><img alt=GitHub src="/assets/img/social/github.png" style="width: 50px; height:auto; margin: 0; padding: 0 auto;" /></a></div>
|
||||
<div class="two wide center column"><a title=YouTube href="https://www.youtube.com/channel/UCe-WNM2mbI51xoVZp3K_wFQ"><img src="/assets/img/social/youtube.png" style="width: 50px; height:auto; margin: 0; padding: 0 auto;" /></a></div>
|
||||
<div class="two wide center column"><a title=LinkedIn href="https://www.linkedin.com/groups/13577720"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/social/linkedin.png" /></a></div>
|
||||
<div class="two wide center column"><a title=Facebook href="https://facebook.com/aninixnetwork"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/social/facebook.png" /></a></div>
|
||||
<div class="two wide center column"><!--placeholder--><p> </p></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<!-- END CUSTOM HOME -->
|
||||
{{template "base/footer" .}}
|
|
@ -0,0 +1,51 @@
|
|||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
After=mysqld.service
|
||||
After=postgresql.service
|
||||
After=memcached.service
|
||||
After=redis.service
|
||||
|
||||
[Service]
|
||||
User=gitea
|
||||
Group=gitea
|
||||
Type=simple
|
||||
WorkingDirectory=~
|
||||
RuntimeDirectory=gitea
|
||||
LogsDirectory=gitea
|
||||
StateDirectory=gitea
|
||||
Environment=USER=gitea HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea GITEA_CUSTOM=/var/lib/gitea/custom/
|
||||
ExecStart=/usr/bin/gitea web -c /var/lib/gitea/custom/conf/app.ini --custom-path=/var/lib/gitea/custom/
|
||||
Restart=always
|
||||
RestartSec=2s
|
||||
ReadWritePaths=/var/lib/gitea/custom/conf/app.ini
|
||||
AmbientCapabilities=
|
||||
CapabilityBoundingSet=
|
||||
LockPersonality=true
|
||||
#Required by commit search
|
||||
#MemoryDenyWriteExecute=true
|
||||
NoNewPrivileges=True
|
||||
#SecureBits=noroot-locked
|
||||
PrivateDevices=true
|
||||
PrivateTmp=true
|
||||
PrivateUsers=true
|
||||
ProtectClock=true
|
||||
ProtectControlGroups=true
|
||||
ProtectHome=true
|
||||
ProtectHostname=true
|
||||
ProtectKernelLogs=true
|
||||
ProtectKernelModules=true
|
||||
ProtectKernelTunables=true
|
||||
ProtectProc=invisible
|
||||
ProtectSystem=strict
|
||||
RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
|
||||
RestrictNamespaces=true
|
||||
RestrictRealtime=true
|
||||
RestrictSUIDSGID=true
|
||||
SystemCallArchitectures=native
|
||||
SystemCallFilter=@system-service
|
||||
SystemCallErrorNumber=EPERM
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,10 @@
|
|||
[Trigger]
|
||||
Operation = Install
|
||||
Operation = Upgrade
|
||||
Type = Package
|
||||
Target = gitea
|
||||
|
||||
[Action]
|
||||
Description = Updating Gitea Custom Pages
|
||||
When = PostTransaction
|
||||
Exec = /usr/bin/runuser -u gitea -- /usr/bin/bash /var/lib/gitea/custom/bin/gen-aninix-custom
|
|
@ -0,0 +1,10 @@
|
|||
[Trigger]
|
||||
Operation = Install
|
||||
Operation = Upgrade
|
||||
Type = Package
|
||||
Target = gitea
|
||||
|
||||
[Action]
|
||||
Description = Updating Gitea Custom Pages
|
||||
When = PostTransaction
|
||||
Exec = /usr/bin/runuser -u gitea -- /usr/bin/bash /var/lib/gitea/custom/bin/gen-aninix-custom
|
|
@ -0,0 +1,82 @@
|
|||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<!--<div class="ui negative message"><p>We are open despite COVID-19 -- those attending in person will need to sign a waiver of health and follow all state requirements, including wearing a mask.</p></div>-->
|
||||
<div>
|
||||
<img class="logo" src="/assets/img/icons/MartialArtsIcon.png" />
|
||||
</div>
|
||||
<div class="hero">
|
||||
<h1 class="ui icon header title">
|
||||
AniNIX Martial Arts
|
||||
</h1>
|
||||
<h2>Open-source, research-driven self-defense and personal health</h2>
|
||||
<p>AniNIX Martial Arts is a small martial arts collective focusing on research-driven martial arts. Our core style is USHF HapKiDo, but we are influenced by HEMA, Razmafzar, Kali, Shaolin, Silat, JKD, BJJ, and many other systems. We are a research-driven group -- we encourage cross-training with other systems and will bring in new concepts regularly. The class is open to all experience levels, gender identity, gender expression, sexual orientation, religious or cultural identity, socioecomic status, or age (above 14), in Southcentral Wisconsin -- we will fit your training to your needs and goals.</p><p>Drop-ins are welcome, and registration is cheap. We hope you'll give us a chance to show you what we can do.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src='/assets/img/icons/FoundationIcon.png'/>
|
||||
<a href="/mawiki">Open-source</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
We want your training with our system to become a part of your life. This means that we provide access to a revision-controlled copy of our notes that all our students can download, keep, and contribute to. We're tired of the old era where how the system works is kept hidden from students and piecemealed out as a marketing ploy -- we want to be as trasparent as possible in how our program and our martial art function. Transparency keeps our instructors honest and our students engaged -- this means a better martial arts experience for everyone.
|
||||
</p>
|
||||
</div>
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src='/assets/img/ushf.jpg'/>
|
||||
<a href='https://ushapkidofederation.wordpress.com/'>Research-driven</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
Our system is always growing. We are a United States HapKiDo Federation (USHF) school, and that gives us access to high-quality instructors and seminar material each year from across the US. We also maintain good relationships with other schools in our area -- we want our students to examine what they're learing and make sure that it works, and that means looking at different perspectives.
|
||||
</p> </div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src="/assets/img/icons/MartialArtsIcon.png"/>
|
||||
<a href="/martialarts/index.html#storefront">Low-cost</a>
|
||||
</h1>
|
||||
<p class="large">We are non-profit group -- we train because we feel like it makes life better, not to make money. As such, our costs are publicly documented and our rates match the same. Classes will be informed of potential changes to costs well in advance, and we use recurring payments. We want you thinking about your training, not how you're going to pay for it.</p>
|
||||
<p class="large">
|
||||
<ul style="text-align: left;">
|
||||
<li><b>Cost:</b> $10 per month in-person; $5 per month livestream -- pay below.</li>
|
||||
<li><b>Lessons:</b>Tuesdays 7-8:30 p.m.</li>
|
||||
<li><b>Sparring:</b>Tuesdays 6-7 p.m.</li>
|
||||
<li><b>Shaolin Workouts:</b> Saturday mornings at 8 a.m. </li>
|
||||
<li><b>Location:</b> <a href="https://g.page/aninix-martial-arts?share">225 Blaser Drive, Belleville, WI</a></li>
|
||||
<li><b>What to bring:</b> Exercise clothes and water</li>
|
||||
</ul></p>
|
||||
</div>
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20x src="/assets/img/icons/IRCIcon.png"/>
|
||||
<a href="/martialarts/index.html#social">Real-life First</a>
|
||||
</h1>
|
||||
<p class="large">
|
||||
Everyone is welcome! Class attendance is not mandated and belt-testing is not required to train. As a courtesy, please inform the class of your absence or intended late arrival -- real-life comes first, and we're happy to work with your needs. As long as one person shows, we'll have class -- the smaller the class, the more tailored it is, but the bigger classes mean more partners and body types.</p>
|
||||
<p class="large">
|
||||
Our focus is also on what you will actually use. While we appreciate traditional and esoteric training for self-development, our weekly classes are focused on modern techniques and training methods so that you get the most out of your time. Our goal is to help create a community of prepared and healthy citizens, and we believe martial arts helps build that in a way no other activity can.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<hr style="margin-top: 50px;" />
|
||||
<div class="ui stackable middle very relaxed page grid" id="social">
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<div class="hero">
|
||||
<h2 id=social>Follow us on social media</h2>
|
||||
<p class=large>We want to stay in touch with you, so we are present on the social media platforms we find applicable.<br/> Have one you want us on? Contact us and let us know!</p>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid" id="social">
|
||||
<div class="two wide center column"><p> </p></div>
|
||||
<div class="two wide center column"><a title=RSS href="/martialarts/maqotw.xml"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" alt=RSS src="/assets/img/social/rss.png" /></a></div>
|
||||
<div class="two wide center column"><a title=Discord href="https://discord.gg/2bmggfR"><img alt=Discord style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/social/discord.ico" /></a></div>
|
||||
<div class="two wide center column"><a title=NextDoor href="https://nextdoor.com/news_feed/?post=112835813"><img alt=NextDoor src="/assets/img/social/nextdoor.png" style="width: 50px; height:auto; margin: 0; padding: 0 auto;" /></a></div>
|
||||
<div class="two wide center column"><a title=YouTube href="https://www.youtube.com/channel/UCVAkee-WaInnZbPn16bqzrw/about?view_as=subscriber"><img src="/assets/img/social/youtube.png" style="width: 50px; height:auto; margin: 0; padding: 0 auto;" /></a></div>
|
||||
<div class="two wide center column"><a title=Strava href="https://www.strava.com/clubs/aninixmartialarts"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/social/strava.png" /></a></div>
|
||||
<div class="two wide center column"><a title=Facebook href="https://www.facebook.com/groups/aninixmartialarts/"><img style="width: 50px; height:auto; margin: 0; padding: 0 auto;" src="/assets/img/social/facebook.png" /></a></div>
|
||||
<div class="two wide center column"><p> </p></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
|
@ -0,0 +1,107 @@
|
|||
<div class="ui stackable middle very relaxed page grid">
|
||||
<script src="https://js.stripe.com/v3"></script>
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<h1 class="ui icon header title">
|
||||
AniNIX
|
||||
</h1>
|
||||
<h2>Our Storefront</h2>
|
||||
<p>We have limited service offerings available. Please contact an admin on IRC first to arrange the contract, then use the item below to pay the invoice.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="sixteen wide center column" >
|
||||
<h1 class="hero ui icon header">
|
||||
<img width=20px height=20px src='/assets/img/icons/CoreIcon.png'/>
|
||||
Cybersecurity Consulting
|
||||
</h1>
|
||||
<p class="large">The AniNIX offers cybersecurity consulting and advice services on a limited basis. We bill at $20 an hour -- please select your need below after negotiating with an admin.</p>
|
||||
<p class="large">
|
||||
<form action="./storefront.html" id="hours">
|
||||
<label for="hourcount">Hours required</label>
|
||||
<select name="hourcount" id="hourscount">
|
||||
<option value="1">1</option>
|
||||
<option value="2">2</option>
|
||||
<option value="3">3</option>
|
||||
<option value="4">4</option>
|
||||
<option value="5">5</option>
|
||||
<option value="6">6</option>
|
||||
<option value="7">7</option>
|
||||
<option value="8">8</option>
|
||||
<option value="9">9</option>
|
||||
<option value="10">10</option>
|
||||
<option value="11">11</option>
|
||||
<option value="12">12</option>
|
||||
<option value="13">13</option>
|
||||
<option value="14">14</option>
|
||||
<option value="15">15</option>
|
||||
<option value="16">16</option>
|
||||
<option value="17">17</option>
|
||||
<option value="18">18</option>
|
||||
<option value="19">19</option>
|
||||
<option value="20">20</option>
|
||||
</select>
|
||||
<br/>
|
||||
</form>
|
||||
<!-- START STRIPE CODE -->
|
||||
|
||||
<!-- Create a button that your customers click to complete their purchase. Customize the styling to suit your branding. -->
|
||||
<button
|
||||
style="background-color:#6772E5;color:#FFF;padding:8px 12px;border:0;border-radius:4px;font-size:1em"
|
||||
id="checkout-button-price_1HTuehI49P1uFPoXCW9pJg5E"
|
||||
role="link"
|
||||
type="button"
|
||||
>
|
||||
Checkout
|
||||
</button>
|
||||
|
||||
<div id="error-message"></div>
|
||||
|
||||
<script>
|
||||
(function() {
|
||||
var stripe = Stripe('pk_live_51HThYnI49P1uFPoX5ARnHSpT9D08Gbfux6O25waFLpPBsnZoLDuqopFAZeLfu0CbbICxEnPZOOLkDLTlcNjkazs100ElKcF2QX');
|
||||
|
||||
var checkoutButton = document.getElementById('checkout-button-price_1HTuehI49P1uFPoXCW9pJg5E');
|
||||
checkoutButton.addEventListener('click', function () {
|
||||
// When the customer clicks on the button, redirect
|
||||
// them to Checkout.
|
||||
stripe.redirectToCheckout({
|
||||
lineItems: [{price: 'price_1HTuehI49P1uFPoXCW9pJg5E', quantity: parseInt(document.getElementById('hourscount').value)}],
|
||||
mode: 'payment',
|
||||
// Do not rely on the redirect to the successUrl for fulfilling
|
||||
// purchases, customers may not always reach the success_url after
|
||||
// a successful payment.
|
||||
// Instead use one of the strategies described in
|
||||
// https://stripe.com/docs/payments/checkout/fulfill-orders
|
||||
successUrl: window.location.protocol + '//aninix.net/pay/thank-you.html',
|
||||
cancelUrl: window.location.protocol + '//aninix.net/pay/storefront.html',
|
||||
})
|
||||
.then(function (result) {
|
||||
if (result.error) {
|
||||
// If `redirectToCheckout` fails due to a browser or network
|
||||
// error, display the localized error message to your customer.
|
||||
var displayError = document.getElementById('error-message');
|
||||
displayError.textContent = result.error.message;
|
||||
}
|
||||
});
|
||||
});
|
||||
})();
|
||||
</script>
|
||||
<! -- END STRIPE CODE -->
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="sixteen wide center column" >
|
||||
<hr style="margin-top: 50px;" />
|
||||
<h2>Donate</h2>
|
||||
<p>If you like what we do, you can also donate on one of these platforms:</p>
|
||||
<ul style="width:500px;text-align: left;margin:auto;">
|
||||
<li><a href="https://store.steampowered.com/wishlist/id/darkfeather664/#sort=order">Steam (games)</a></li>
|
||||
<li><a href="https://www.amazon.com/hz/wishlist/ls/3CORZU03RNWST?ref_=wl_share">Amazon (hardware)</a></li>
|
||||
<li>BTC 38Nd3SgytdvSmcX3gfHeNAE2B6aPyYbS7s</li>
|
||||
<li>Coinbase USDC 0x21a05e628Ed622F7594f62Ea3C764bAEF7fE3Bf3</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
|
@ -0,0 +1,12 @@
|
|||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="sixteen wide center aligned centered column">
|
||||
<div>
|
||||
<img class="logo" src="/assets/img/icons/CoreIcon.png" />
|
||||
</div>
|
||||
<div class="hero">
|
||||
<h2 class="ui icon header title">
|
||||
Thank you for your purchase!
|
||||
</h2>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
- name: Base packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- gitea
|
||||
|
||||
- name: BitBot
|
||||
become: yes
|
||||
git:
|
||||
repo: https://github.com/jesopo/bitbot.git
|
||||
dest: /opt/bitbot
|
||||
|
||||
- name: Make directories
|
||||
become: yes
|
||||
file:
|
||||
path: "/var/lib/gitea/{{ item }}"
|
||||
owner: gitea
|
||||
group: gitea
|
||||
mode: 0750
|
||||
loop:
|
||||
- "custom/bin"
|
||||
- "web-snippets"
|
||||
|
||||
- name: Populate config
|
||||
become: yes
|
||||
register: config
|
||||
template:
|
||||
src: app.ini.j2
|
||||
dest: /var/lib/gitea/custom/conf/app.ini
|
||||
owner: gitea
|
||||
group: gitea
|
||||
mode: 0750
|
||||
|
||||
- name: Copy web-snippets
|
||||
become: yes
|
||||
copy:
|
||||
src: web-snippets/
|
||||
dest: /var/lib/gitea/web-snippets
|
||||
owner: gitea
|
||||
group: gitea
|
||||
mode: 0640
|
||||
|
||||
- name: Copy scripts
|
||||
become: yes
|
||||
copy:
|
||||
src: custom/
|
||||
dest: /var/lib/gitea/custom/
|
||||
owner: gitea
|
||||
group: gitea
|
||||
|
||||
- name: Publish AniNIX/Yggdrasil CSS
|
||||
become: yes
|
||||
get_url:
|
||||
url: https://github.com/BenZuser/Emby-Web-Dark-Themes-CSS/raw/master/RED/theme.css
|
||||
dest: /var/lib/gitea/custom/public/css/emby-web-dark-theme-BenZuser.css
|
||||
owner: gitea
|
||||
group: gitea
|
||||
|
||||
- name: Copy hook
|
||||
become: yes
|
||||
copy:
|
||||
src: gitea.hook
|
||||
dest: /etc/pacman.d/hooks/gitea.hook
|
||||
owner: gitea
|
||||
group: gitea
|
||||
|
||||
- name: Service file
|
||||
become: yes
|
||||
register: servicefile
|
||||
copy:
|
||||
src: foundation.service
|
||||
dest: /usr/lib/systemd/system
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Ensure default service disabled
|
||||
become: yes
|
||||
service:
|
||||
name: gitea
|
||||
state: stopped
|
||||
enabled: no
|
||||
|
||||
- name: Generate pages
|
||||
become: yes
|
||||
register: custompages
|
||||
command: /usr/bin/runuser -u gitea -- /usr/bin/bash /var/lib/gitea/custom/bin/gen-aninix-custom
|
||||
|
||||
- name: Restart service
|
||||
become: yes
|
||||
when: config.changed or servicefile.changed or custompages.changed
|
||||
service:
|
||||
name: foundation
|
||||
state: restarted
|
||||
enabled: yes
|
|
@ -0,0 +1,744 @@
|
|||
; This file lists the default values used by Gitea
|
||||
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
|
||||
; and modify as needed.
|
||||
; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
|
||||
; App name that shows in every page title
|
||||
APP_NAME = AniNIX
|
||||
; Change it if you run locally
|
||||
RUN_USER = gitea
|
||||
; Either "dev", "prod" or "test", default is "dev"
|
||||
RUN_MODE = prod
|
||||
|
||||
[repository]
|
||||
ROOT = repos
|
||||
SCRIPT_TYPE = bash
|
||||
; Default ANSI charset
|
||||
ANSI_CHARSET =
|
||||
; Force every new repository to be private
|
||||
FORCE_PRIVATE = false
|
||||
; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used.
|
||||
DEFAULT_PRIVATE = last
|
||||
; Global limit of repositories per user, applied at creation time. -1 means no limit
|
||||
MAX_CREATION_LIMIT = -1
|
||||
; Preferred Licenses to place at the top of the List
|
||||
; The name here must match the filename in conf/license or custom/conf/license
|
||||
PREFERRED_LICENSES = AniNIX-WTFPL
|
||||
; Disable the ability to interact with repositories using the HTTP protocol
|
||||
DISABLE_HTTP_GIT = false
|
||||
; Value for Access-Control-Allow-Origin header, default is not to present
|
||||
; WARNING: This maybe harmful to you website if you do not give it a right value.
|
||||
ACCESS_CONTROL_ALLOW_ORIGIN =
|
||||
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
|
||||
USE_COMPAT_SSH_URI = false
|
||||
; Close issues as long as a commit on any branch marks it as fixed
|
||||
DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false
|
||||
|
||||
[repository.editor]
|
||||
; List of file extensions for which lines should be wrapped in the CodeMirror editor
|
||||
; Separate extensions with a comma. To line wrap files without an extension, just put a comma
|
||||
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
|
||||
; Valid file modes that have a preview API associated with them, such as api/v1/markdown
|
||||
; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match
|
||||
PREVIEWABLE_FILE_MODES = markdown
|
||||
|
||||
[repository.local]
|
||||
; Path for local repository copy. Defaults to `tmp/local-repo`
|
||||
LOCAL_COPY_PATH = tmp/local-repo
|
||||
; Path for local wiki copy. Defaults to `tmp/local-wiki`
|
||||
LOCAL_WIKI_PATH = tmp/local-wiki
|
||||
|
||||
[repository.upload]
|
||||
; Whether repository file uploads are enabled. Defaults to `true`
|
||||
ENABLED = true
|
||||
; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
|
||||
TEMP_PATH = data/tmp/uploads
|
||||
; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
|
||||
ALLOWED_TYPES =
|
||||
; Max size of each file in megabytes. Defaults to 3MB
|
||||
FILE_MAX_SIZE = 3
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = 5
|
||||
|
||||
[repository.pull-request]
|
||||
; List of prefixes used in Pull Request title to mark them as Work In Progress
|
||||
WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]
|
||||
|
||||
[repository.issue]
|
||||
; List of reasons why a Pull Request or Issue can be locked
|
||||
LOCK_REASONS = Too heated,Off-topic,Resolved,Spam
|
||||
|
||||
[cors]
|
||||
; More information about CORS can be found here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#The_HTTP_response_headers
|
||||
; enable cors headers (disabled by default)
|
||||
ENABLED = false
|
||||
; scheme of allowed requests
|
||||
SCHEME = http
|
||||
; list of requesting domains that are allowed
|
||||
ALLOW_DOMAIN = *
|
||||
; allow subdomains of headers listed above to request
|
||||
ALLOW_SUBDOMAIN = false
|
||||
; list of methods allowed to request
|
||||
METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
|
||||
; max time to cache response
|
||||
MAX_AGE = 10m
|
||||
; allow request with credentials
|
||||
ALLOW_CREDENTIALS = false
|
||||
|
||||
[ui]
|
||||
; Number of repositories that are displayed on one explore page
|
||||
EXPLORE_PAGING_NUM = 20
|
||||
; Number of issues that are displayed on one page
|
||||
ISSUE_PAGING_NUM = 10
|
||||
; Number of maximum commits displayed in one activity feed
|
||||
FEED_MAX_COMMIT_NUM = 5
|
||||
; Number of maximum commits displayed in commit graph.
|
||||
GRAPH_MAX_COMMIT_NUM = 100
|
||||
; Number of line of codes shown for a code comment
|
||||
CODE_COMMENT_LINES = 4
|
||||
; Value of `theme-color` meta tag, used by Android >= 5.0
|
||||
; An invalid color like "none" or "disable" will have the default style
|
||||
; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
|
||||
THEME_COLOR_META_TAG = `#ff0000`
|
||||
; Max size of files to be displayed (default is 8MiB)
|
||||
MAX_DISPLAY_FILE_SIZE = 8388608
|
||||
; Whether the email of the user should be shown in the Explore Users page
|
||||
SHOW_USER_EMAIL = true
|
||||
; Set the default theme for the Gitea install
|
||||
DEFAULT_THEME = aninix
|
||||
; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`.
|
||||
THEMES = gitea,arc-green,aninix
|
||||
; Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used.
|
||||
DEFAULT_SHOW_FULL_NAME = false
|
||||
|
||||
[ui.admin]
|
||||
; Number of users that are displayed on one page
|
||||
USER_PAGING_NUM = 50
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 50
|
||||
; Number of notices that are displayed on one page
|
||||
NOTICE_PAGING_NUM = 25
|
||||
; Number of organizations that are displayed on one page
|
||||
ORG_PAGING_NUM = 50
|
||||
|
||||
[ui.user]
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 15
|
||||
|
||||
[ui.meta]
|
||||
AUTHOR = AniNIX::Foundation
|
||||
DESCRIPTION = AniNIX::Foundation \\ Code, documentation, and information sharing powered by Gitea (git with a cup of tea)
|
||||
KEYWORDS = go,git,self-hosted,gitea,aninix,aninix::foundation
|
||||
|
||||
[markdown]
|
||||
; Enable hard line break extension
|
||||
ENABLE_HARD_LINE_BREAK = false
|
||||
; List of custom URL-Schemes that are allowed as links when rendering Markdown
|
||||
; for example git,magnet
|
||||
CUSTOM_URL_SCHEMES =
|
||||
; List of file extensions that should be rendered/edited as Markdown
|
||||
; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma
|
||||
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
|
||||
|
||||
[server]
|
||||
; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
|
||||
PROTOCOL = http
|
||||
DOMAIN = {{ external_domain }}
|
||||
ROOT_URL = https://{{ external_domain }}/
|
||||
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
|
||||
HTTP_ADDR = 0.0.0.0
|
||||
HTTP_PORT = 3000
|
||||
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
|
||||
; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
|
||||
; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for
|
||||
; PORT_TO_REDIRECT.
|
||||
REDIRECT_OTHER_PORT = false
|
||||
PORT_TO_REDIRECT = 3000
|
||||
; Permission for unix socket
|
||||
UNIX_SOCKET_PERMISSION = 660
|
||||
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
|
||||
; In most cases you do not need to change the default value.
|
||||
; Alter it only if your SSH server node is not the same as HTTP node.
|
||||
; Do not set this variable if PROTOCOL is set to 'unix'.
|
||||
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
|
||||
; Disable SSH feature when not available
|
||||
DISABLE_SSH = false
|
||||
; Whether to use the builtin SSH server or not.
|
||||
START_SSH_SERVER = false
|
||||
; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
|
||||
BUILTIN_SSH_SERVER_USER =
|
||||
; Domain name to be exposed in clone URL
|
||||
SSH_DOMAIN = foundation.aninix.net
|
||||
; The network interface the builtin SSH server should listen on
|
||||
SSH_LISTEN_HOST =
|
||||
; Port number to be exposed in clone URL
|
||||
SSH_PORT = 22
|
||||
; The port number the builtin SSH server should listen on
|
||||
SSH_LISTEN_PORT = %(SSH_PORT)s
|
||||
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
|
||||
SSH_ROOT_PATH =
|
||||
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
|
||||
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
|
||||
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
|
||||
; For the built-in SSH server, choose the ciphers to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
|
||||
; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
|
||||
; For the built-in SSH server, choose the MACs to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
|
||||
; Directory to create temporary files in when testing public keys using ssh-keygen,
|
||||
; default is the system temporary directory.
|
||||
SSH_KEY_TEST_PATH =
|
||||
; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
|
||||
SSH_KEYGEN_PATH = ssh-keygen
|
||||
; Enable SSH Authorized Key Backup when rewriting all keys, default is true
|
||||
SSH_BACKUP_AUTHORIZED_KEYS = true
|
||||
; Enable exposure of SSH clone URL to anonymous visitors, default is false
|
||||
SSH_EXPOSE_ANONYMOUS = false
|
||||
; Indicate whether to check minimum key size with corresponding type
|
||||
MINIMUM_KEY_SIZE_CHECK = false
|
||||
; Disable CDN even in "prod" mode
|
||||
OFFLINE_MODE = true
|
||||
DISABLE_ROUTER_LOG = false
|
||||
; Generate steps:
|
||||
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
|
||||
;
|
||||
; Or from a .pfx file exported from the Windows certificate store (do
|
||||
; not forget to export the private key):
|
||||
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
|
||||
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
|
||||
CERT_FILE = custom/https/cert.pem
|
||||
KEY_FILE = custom/https/key.pem
|
||||
; Root directory containing templates and static files.
|
||||
; default is the path where Gitea is executed
|
||||
STATIC_ROOT_PATH = /usr/share/gitea
|
||||
; Default path for App data
|
||||
APP_DATA_PATH = data
|
||||
; Application level GZIP support
|
||||
ENABLE_GZIP = false
|
||||
; Application profiling (memory and cpu)
|
||||
; For "web" command it listens on localhost:6060
|
||||
; For "serve" command it dumps to disk at PPROF_DATA_PATH as (cpuprofile|memprofile)_<username>_<temporary id>
|
||||
ENABLE_PPROF = false
|
||||
; PPROF_DATA_PATH, use an absolute path when you start gitea as service
|
||||
PPROF_DATA_PATH = data/tmp/pprof
|
||||
; Landing page, can be "home", "explore", or "organizations"
|
||||
LANDING_PAGE = home
|
||||
; Enables git-lfs support. true or false, default is false.
|
||||
LFS_START_SERVER = true
|
||||
; Where your lfs files reside, default is data/lfs.
|
||||
; LFS authentication secret, change this yourself
|
||||
LFS_JWT_SECRET = {{ secrets.Foundation.lfs_jwt_secret }}
|
||||
; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
|
||||
LFS_HTTP_AUTH_EXPIRY = 20m
|
||||
|
||||
[lfs]
|
||||
PATH = data/lfs
|
||||
|
||||
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
|
||||
[ssh.minimum_key_sizes]
|
||||
ED25519 = 256
|
||||
ECDSA = 256
|
||||
RSA = 2048
|
||||
DSA = 1024
|
||||
|
||||
[database]
|
||||
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
|
||||
DB_TYPE = postgres
|
||||
HOST = 127.0.0.1:5432
|
||||
NAME = gitea
|
||||
USER = gitea
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD = {{ secrets.Foundation.database_password }}
|
||||
; For Postgres, either "disable" (default), "require", or "verify-full"
|
||||
; For MySQL, either "false" (default), "true", or "skip-verify"
|
||||
SSL_MODE = disable
|
||||
; For MySQL only, either "utf8" or "utf8mb4", default is "utf8".
|
||||
; NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this.
|
||||
CHARSET = utf8
|
||||
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
||||
PATH = data/gitea.db
|
||||
; For "sqlite3" only. Query timeout
|
||||
SQLITE_TIMEOUT = 500
|
||||
; For iterate buffer, default is 50
|
||||
ITERATE_BUFFER_SIZE = 50
|
||||
; Show the database generated SQL
|
||||
LOG_SQL = false
|
||||
; Maximum number of DB Connect retries
|
||||
DB_RETRIES = 10
|
||||
; Backoff time per DB retry (time.Duration)
|
||||
DB_RETRY_BACKOFF = 3s
|
||||
|
||||
[indexer]
|
||||
; Issue indexer type, currently support: bleve or db, default is bleve
|
||||
ISSUE_INDEXER_TYPE = bleve
|
||||
; Issue indexer storage path, available when ISSUE_INDEXER_TYPE is bleve
|
||||
ISSUE_INDEXER_PATH = indexers/issues.bleve
|
||||
; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
|
||||
; repo indexer by default disabled, since it uses a lot of disk space
|
||||
REPO_INDEXER_ENABLED = false
|
||||
REPO_INDEXER_PATH = indexers/repos.bleve
|
||||
MAX_FILE_SIZE = 1048576
|
||||
|
||||
[admin]
|
||||
; Disallow regular (non-admin) users from creating organizations.
|
||||
DISABLE_REGULAR_ORG_CREATION = true
|
||||
|
||||
[security]
|
||||
; Whether the installer is disabled
|
||||
INSTALL_LOCK = true
|
||||
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
|
||||
SECRET_KEY = {{ secrets.Foundation.secret_key }}
|
||||
; How long to remember that an user is logged in before requiring relogin (in days)
|
||||
LOGIN_REMEMBER_DAYS = 7
|
||||
COOKIE_USERNAME = gitea_awesome
|
||||
COOKIE_REMEMBER_NAME = gitea_incredible
|
||||
; Reverse proxy authentication header name of user name
|
||||
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
||||
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
|
||||
; The minimum password length for new Users
|
||||
MIN_PASSWORD_LENGTH = 6
|
||||
; Set to true to allow users to import local server paths
|
||||
IMPORT_LOCAL_PATHS = false
|
||||
; Set to true to prevent all users (including admin) from creating custom git hooks
|
||||
DISABLE_GIT_HOOKS = false
|
||||
INTERNAL_TOKEN = {{ secrets.Foundation.internal_token }}
|
||||
|
||||
[openid]
|
||||
;
|
||||
; OpenID is an open, standard and decentralized authentication protocol.
|
||||
; Your identity is the address of a webpage you provide, which describes
|
||||
; how to prove you are in control of that page.
|
||||
;
|
||||
; For more info: https://en.wikipedia.org/wiki/OpenID
|
||||
;
|
||||
; Current implementation supports OpenID-2.0
|
||||
;
|
||||
; Tested to work providers at the time of writing:
|
||||
; - Any GNUSocial node (your.hostname.tld/username)
|
||||
; - Any SimpleID provider (http://simpleid.koinic.net)
|
||||
; - http://openid.org.cn/
|
||||
; - openid.stackexchange.com
|
||||
; - login.launchpad.net
|
||||
; - <username>.livejournal.com
|
||||
;
|
||||
; Whether to allow signin in via OpenID
|
||||
ENABLE_OPENID_SIGNIN = FALSE
|
||||
; Whether to allow registering via OpenID
|
||||
; Do not include to rely on rhw DISABLE_REGISTRATION setting
|
||||
; ENABLE_OPENID_SIGNUP = true
|
||||
; Allowed URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only these would be allowed if non-blank.
|
||||
; Example value: trusted.domain.org trusted.domain.net
|
||||
WHITELISTED_URIS =
|
||||
; Forbidden URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only used if WHITELISTED_URIS is blank.
|
||||
; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
|
||||
BLACKLISTED_URIS =
|
||||
ENABLE_OPENID_SIGNUP = false
|
||||
|
||||
[service]
|
||||
; Time limit to confirm account/email registration
|
||||
ACTIVE_CODE_LIVE_MINUTES = 180
|
||||
; Time limit to perform the reset of a forgotten password
|
||||
RESET_PASSWD_CODE_LIVE_MINUTES = 180
|
||||
; Whether a new user needs to confirm their email when registering.
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
; List of domain names that are allowed to be used to register on a Gitea instance
|
||||
; gitea.io,example.com
|
||||
EMAIL_DOMAIN_ALLOWLIST =
|
||||
; Disallow registration, only allow admins to create accounts.
|
||||
DISABLE_REGISTRATION = true
|
||||
; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
; User must sign in to view anything.
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
; Mail notification
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
; More detail: https://github.com/gogits/gogs/issues/165
|
||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
||||
ENABLE_REVERSE_PROXY_EMAIL = false
|
||||
; Enable captcha validation for registration
|
||||
ENABLE_CAPTCHA = false
|
||||
; Type of captcha you want to use. Options: image, recaptcha
|
||||
CAPTCHA_TYPE = image
|
||||
; Enable recaptcha to use Google's recaptcha service
|
||||
; Go to https://www.google.com/recaptcha/admin to sign up for a key
|
||||
RECAPTCHA_SECRET =
|
||||
RECAPTCHA_SITEKEY =
|
||||
; Change this to use recaptcha.net or other recaptcha service
|
||||
RECAPTCHA_URL = https://www.google.com/recaptcha/
|
||||
; Default value for KeepEmailPrivate
|
||||
; Each new user will get the value of this setting copied into their profile
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||||
; Default value for AllowCreateOrganization
|
||||
; Every new user will have rights set to create organizations depending on this setting
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
|
||||
; Either "public", "limited" or "private", default is "public"
|
||||
; Limited is for signed user only
|
||||
; Private is only for member of the organization
|
||||
; Public is for everyone
|
||||
DEFAULT_ORG_VISIBILITY = public
|
||||
; Default value for EnableDependencies
|
||||
; Repositories will use dependencies by default depending on this setting
|
||||
DEFAULT_ENABLE_DEPENDENCIES = true
|
||||
; Enable heatmap on users profiles.
|
||||
ENABLE_USER_HEATMAP = true
|
||||
; Enable Timetracking
|
||||
ENABLE_TIMETRACKING = true
|
||||
; Default value for EnableTimetracking
|
||||
; Repositories will use timetracking by default depending on this setting
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
; Default value for AllowOnlyContributorsToTrackTime
|
||||
; Only users with write permissions can track time if this is true
|
||||
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
|
||||
; Default value for the domain part of the user's email address in the git log
|
||||
; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
|
||||
; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
|
||||
NO_REPLY_ADDRESS = noreply.aninix.net
|
||||
; Show Registration button
|
||||
SHOW_REGISTRATION_BUTTON = true
|
||||
; Default value for AutoWatchNewRepos
|
||||
; When adding a repo to a team or creating a new repo all team members will watch the
|
||||
; repo automatically if enabled
|
||||
AUTO_WATCH_NEW_REPOS = true
|
||||
|
||||
[webhook]
|
||||
; Hook task queue length, increase if webhook shooting starts hanging
|
||||
QUEUE_LENGTH = 1000
|
||||
; Deliver timeout in seconds
|
||||
DELIVER_TIMEOUT = 5
|
||||
; Allow insecure certification
|
||||
SKIP_TLS_VERIFY = false
|
||||
; Number of history information in each page
|
||||
PAGING_NUM = 10
|
||||
ALLOWED_HOST_LIST = ::1/128, 127.0.0.1/32
|
||||
|
||||
; We don't use mail
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
|
||||
[cache]
|
||||
; Either "memory", "redis", or "memcache", default is "memory"
|
||||
ADAPTER = memory
|
||||
; For "memory" only, GC interval in seconds, default is 60
|
||||
INTERVAL = 60
|
||||
; For "redis" and "memcache", connection host address
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; memcache: `127.0.0.1:11211`
|
||||
HOST =
|
||||
; Time to keep items in cache if not used, default is 16 hours.
|
||||
; Setting it to 0 disables caching
|
||||
ITEM_TTL = 16h
|
||||
|
||||
[session]
|
||||
; Either "memory", "file", or "redis", default is "memory"
|
||||
PROVIDER = file
|
||||
; Provider config options
|
||||
; memory: doesn't have any config yet
|
||||
; file: session file path, e.g. `data/sessions`
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
|
||||
PROVIDER_CONFIG = data/sessions
|
||||
; Session cookie name
|
||||
COOKIE_NAME = i_like_gitea
|
||||
; If you use session in https only, default is false
|
||||
COOKIE_SECURE = false
|
||||
; Enable set cookie, default is true
|
||||
ENABLE_SET_COOKIE = true
|
||||
; Session GC time interval in seconds, default is 86400 (1 day)
|
||||
GC_INTERVAL_TIME = 86400
|
||||
; Session life time in seconds, default is 86400 (1 day)
|
||||
SESSION_LIFE_TIME = 86400
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = data/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = data/repo-avatars
|
||||
; How Gitea deals with missing repository avatars
|
||||
; none = no avatar will be displayed; random = random avatar will be displayed; image = default image will be used
|
||||
REPOSITORY_AVATAR_FALLBACK = none
|
||||
REPOSITORY_AVATAR_FALLBACK_IMAGE = /img/repo_default.png
|
||||
; Max Width and Height of uploaded avatars.
|
||||
; This is to limit the amount of RAM used when resizing the image.
|
||||
AVATAR_MAX_WIDTH = 4096
|
||||
AVATAR_MAX_HEIGHT = 3072
|
||||
; Maximum alloved file size for uploaded avatars.
|
||||
; This is to limit the amount of RAM used when resizing the image.
|
||||
AVATAR_MAX_FILE_SIZE = 1048576
|
||||
; Chinese users can choose "duoshuo"
|
||||
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
|
||||
GRAVATAR_SOURCE = gravatar
|
||||
; This value will always be true in offline mode.
|
||||
DISABLE_GRAVATAR = true
|
||||
; Federated avatar lookup uses DNS to discover avatar associated
|
||||
; with emails, see https://www.libravatar.org
|
||||
; This value will always be false in offline mode or when Gravatar is disabled.
|
||||
ENABLE_FEDERATED_AVATAR = false
|
||||
|
||||
[attachment]
|
||||
; Whether attachments are enabled. Defaults to `true`
|
||||
ENABLED = true
|
||||
; Path for attachments. Defaults to `data/attachments`
|
||||
PATH = data/attachments
|
||||
; One or more allowed types, e.g. image/jpeg|image/png
|
||||
ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip
|
||||
; Max size of each file. Defaults to 4MB
|
||||
MAX_SIZE = 4
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = 5
|
||||
|
||||
[time]
|
||||
; Specifies the format for fully outputted dates. Defaults to RFC1123
|
||||
; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
|
||||
; For more information about the format see http://golang.org/pkg/time/#pkg-constants
|
||||
FORMAT =
|
||||
|
||||
[log]
|
||||
ROOT_PATH = %(GITEA_WORK_DIR)/log
|
||||
MODE = console
|
||||
LEVEL = Info
|
||||
STACKTRACE_LEVEL = None
|
||||
logger.router.MODE = ,
|
||||
logger.xorm.MODE = ,
|
||||
logger.access.MODE =
|
||||
ROOT_PATH = /var/log/gitea/
|
||||
; Either "console", "file", "conn", "smtp" or "database", default is "console"
|
||||
; Use comma to separate multiple modes, e.g. "console, file"
|
||||
MODE = console
|
||||
; Buffer length of the channel, keep it as it is if you don't know what it is.
|
||||
BUFFER_LEN = 10000
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Info"
|
||||
ACCESS_LOG_TEMPLATE = {{ '{{' }}.Ctx.RemoteAddr{{ '}}' }} - {{ '{{' }}.Identity{{ '}}' }} {{ '{{' }}.Start.Format "[02/Jan/2006:15:04:05 -0700]" {{ '}}' }} "{{ '{{' }}.Ctx.Req.Method{{ '}}' }} {{ '{{' }}.Ctx.Req.RequestURI{{ '}}' }} {{ '{{' }}.Ctx.Req.Proto{{ '}}' }}" {{ '{{' }}.ResponseWriter.Status{{ '}}' }} {{ '{{' }}.ResponseWriter.Size{{ '}}' }} "{{ '{{' }}.Ctx.Req.Referer{{ '}}' }}\" \"{{ '{{' }}.Ctx.Req.UserAgent{{ '}}' }}"
|
||||
logger.access.MODE = console
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
|
||||
LEVEL = Info
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "None"
|
||||
STACKTRACE_LEVEL = Critical
|
||||
|
||||
; Generic log modes
|
||||
[log.x]
|
||||
FLAGS = stdflags
|
||||
EXPRESSION =
|
||||
PREFIX =
|
||||
COLORIZE = false
|
||||
|
||||
; For "console" mode only
|
||||
[log.console]
|
||||
MODE = console
|
||||
FLAGS = stdflags
|
||||
PREFIX =
|
||||
COLORIZE = true
|
||||
|
||||
; For "file" mode only
|
||||
[log.file]
|
||||
LEVEL =
|
||||
; Set the file_name for the logger. If this is a relative path this
|
||||
; will be relative to ROOT_PATH
|
||||
FILE_NAME =
|
||||
; This enables automated log rotate(switch of following options), default is true
|
||||
LOG_ROTATE = true
|
||||
; Max number of lines in a single file, default is 1000000
|
||||
MAX_LINES = 1000000
|
||||
; Max size shift of a single file, default is 28 means 1 << 28, 256MB
|
||||
MAX_SIZE_SHIFT = 28
|
||||
; Segment log daily, default is true
|
||||
DAILY_ROTATE = true
|
||||
; delete the log file after n days, default is 7
|
||||
MAX_DAYS = 7
|
||||
; compress logs with gzip
|
||||
COMPRESS = true
|
||||
; compression level see godoc for compress/gzip
|
||||
COMPRESSION_LEVEL = -1
|
||||
|
||||
; For "conn" mode only
|
||||
[log.conn]
|
||||
LEVEL =
|
||||
; Reconnect host for every single message, default is false
|
||||
RECONNECT_ON_MSG = false
|
||||
; Try to reconnect when connection is lost, default is false
|
||||
RECONNECT = false
|
||||
; Either "tcp", "unix" or "udp", default is "tcp"
|
||||
PROTOCOL = tcp
|
||||
; Host address
|
||||
ADDR =
|
||||
|
||||
; For "smtp" mode only
|
||||
[log.smtp]
|
||||
LEVEL =
|
||||
; Name displayed in mail title, default is "Diagnostic message from server"
|
||||
SUBJECT = Diagnostic message from server
|
||||
; Mail server
|
||||
HOST =
|
||||
; Mailer user name and password
|
||||
USER =
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD =
|
||||
; Receivers, can be one or more, e.g. 1@example.com,2@example.com
|
||||
RECEIVERS =
|
||||
|
||||
[cron]
|
||||
; Enable running cron tasks periodically.
|
||||
ENABLED = true
|
||||
; Run cron tasks when Gitea starts.
|
||||
RUN_AT_START = false
|
||||
|
||||
; Update mirrors
|
||||
[cron.update_mirrors]
|
||||
SCHEDULE = @every 10m
|
||||
|
||||
; Repository health check
|
||||
[cron.repo_health_check]
|
||||
SCHEDULE = @every 24h
|
||||
TIMEOUT = 60s
|
||||
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
|
||||
; see more on http://git-scm.com/docs/git-fsck
|
||||
ARGS =
|
||||
|
||||
; Check repository statistics
|
||||
[cron.check_repo_stats]
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
|
||||
; Clean up old repository archives
|
||||
[cron.archive_cleanup]
|
||||
; Whether to enable the job
|
||||
ENABLED = true
|
||||
; Whether to always run at least once at start up time (if ENABLED)
|
||||
RUN_AT_START = true
|
||||
; Time interval for job to run
|
||||
SCHEDULE = @every 24h
|
||||
; Archives created more than OLDER_THAN ago are subject to deletion
|
||||
OLDER_THAN = 24h
|
||||
|
||||
; Synchronize external user data (only LDAP user synchronization is supported)
|
||||
[cron.sync_external_users]
|
||||
; Synchronize external user data when starting server (default false)
|
||||
RUN_AT_START = false
|
||||
; Interval as a duration between each synchronization (default every 24h)
|
||||
SCHEDULE = @every 24h
|
||||
; Create new users, update existing user data and disable users that are not in external source anymore (default)
|
||||
; or only create new users if UPDATE_EXISTING is set to false
|
||||
UPDATE_EXISTING = true
|
||||
|
||||
[git]
|
||||
; Disables highlight of added and removed changes
|
||||
DISABLE_DIFF_HIGHLIGHT = false
|
||||
; Max number of lines allowed in a single file in diff view
|
||||
MAX_GIT_DIFF_LINES = 1000
|
||||
; Max number of allowed characters in a line in diff view
|
||||
MAX_GIT_DIFF_LINE_CHARACTERS = 5000
|
||||
; Max number of files shown in diff view
|
||||
MAX_GIT_DIFF_FILES = 100
|
||||
; Arguments for command 'git gc', e.g. "--aggressive --auto"
|
||||
; see more on http://git-scm.com/docs/git-gc/
|
||||
GC_ARGS =
|
||||
; If use git wire protocol version 2 when git version >= 2.18, default is true, set to false when you always want git wire protocol version 1
|
||||
EnableAutoGitWireProtocol = true
|
||||
|
||||
; Operation timeout in seconds
|
||||
[git.timeout]
|
||||
DEFAULT = 360
|
||||
MIGRATE = 600
|
||||
MIRROR = 300
|
||||
CLONE = 300
|
||||
PULL = 300
|
||||
GC = 60
|
||||
|
||||
[mirror]
|
||||
; Default interval as a duration between each check
|
||||
DEFAULT_INTERVAL = 8h
|
||||
; Min interval as a duration must be > 1m
|
||||
MIN_INTERVAL = 10m
|
||||
|
||||
[api]
|
||||
; Enables Swagger. True or false; default is true.
|
||||
ENABLE_SWAGGER = true
|
||||
; Max number of items in a page
|
||||
MAX_RESPONSE_ITEMS = 50
|
||||
; Default paging number of api
|
||||
DEFAULT_PAGING_NUM = 30
|
||||
; Default and maximum number of items per page for git trees api
|
||||
DEFAULT_GIT_TREES_PER_PAGE = 1000
|
||||
; Default size of a blob returned by the blobs API (default is 10MiB)
|
||||
DEFAULT_MAX_BLOB_SIZE = 10485760
|
||||
|
||||
[oauth2]
|
||||
; Enables OAuth2 provider
|
||||
ENABLE = true
|
||||
; Lifetime of an OAuth2 access token in seconds
|
||||
ACCESS_TOKEN_EXPIRATION_TIME = 3600
|
||||
; Lifetime of an OAuth2 access token in hours
|
||||
REFRESH_TOKEN_EXPIRATION_TIME = 730
|
||||
; Check if refresh token got already used
|
||||
INVALIDATE_REFRESH_TOKENS = false
|
||||
; OAuth2 authentication secret for access and refresh tokens, change this a unique string.
|
||||
JWT_SECRET = {{ secrets.Foundation.jwt_secret }}
|
||||
|
||||
[i18n]
|
||||
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
|
||||
NAMES = English,简体中文,繁體中文(香港),繁體中文(台灣),Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어
|
||||
|
||||
; Used for datetimepicker
|
||||
[i18n.datelang]
|
||||
en-US = en
|
||||
zh-CN = zh
|
||||
zh-HK = zh-HK
|
||||
zh-TW = zh-TW
|
||||
de-DE = de
|
||||
fr-FR = fr
|
||||
nl-NL = nl
|
||||
lv-LV = lv
|
||||
ru-RU = ru
|
||||
uk-UA = uk
|
||||
ja-JP = ja
|
||||
es-ES = es
|
||||
pt-BR = pt-BR
|
||||
pl-PL = pl
|
||||
bg-BG = bg
|
||||
it-IT = it
|
||||
fi-FI = fi
|
||||
tr-TR = tr
|
||||
cs-CZ = cs-CZ
|
||||
sr-SP = sr
|
||||
sv-SE = sv
|
||||
ko-KR = ko
|
||||
|
||||
[U2F]
|
||||
|
||||
; NOTE: THE DEFAULT VALUES HERE WILL NEED TO BE CHANGED
|
||||
; Two Factor authentication with security keys
|
||||
; https://developers.yubico.com/U2F/App_ID.html
|
||||
; APP_ID = http://localhost:3000/
|
||||
; Comma seperated list of trusted facets
|
||||
; TRUSTED_FACETS = http://localhost:3000/
|
||||
; Extension mapping to highlight class
|
||||
; e.g. .toml=ini
|
||||
[highlight.mapping]
|
||||
|
||||
[other]
|
||||
SHOW_FOOTER_BRANDING = false
|
||||
; Show version information about Gitea and Go in the footer
|
||||
SHOW_FOOTER_VERSION = false
|
||||
; Show template execution time in the footer
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
|
||||
|
||||
[markup.asciidoc]
|
||||
ENABLED = false
|
||||
; List of file extensions that should be rendered by an external command
|
||||
FILE_EXTENSIONS = .adoc,.asciidoc
|
||||
; External command to render all matching extensions
|
||||
RENDER_COMMAND = asciidoc --out-file=- -
|
||||
; Don't pass the file on STDIN, pass the filename as argument instead.
|
||||
IS_INPUT_FILE = false
|
||||
|
||||
[metrics]
|
||||
; Enables metrics endpoint. True or false; default is false.
|
||||
ENABLED = false
|
||||
; If you want to add authorization, specify a token here
|
||||
TOKEN =
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
|
||||
- name: Install Games packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- mgba-qt
|
||||
- steam
|
||||
- steam-native-runtime
|
||||
- discord
|
|
@ -0,0 +1,14 @@
|
|||
These hubs are self-made IoT devices using [Raspberry Pi's](https://www.raspberrypi.com/products/raspberry-pi-4-model-b/) on [Raspbian](https://www.raspberrypi.com/software). They provide cameras and IR remotes to control televisions, which can be used with Chromecasts to project [AniNIX/Yggdrasil](../Yggdrasil/) media for users to view. Usually, they'll be wrapped in a maker case with a cellphone 5A charger on a wall mount.
|
||||
|
||||
# Relevant Files and Configuration
|
||||
|
||||
For the camera, we use the [motion](https://motion-project.github.io/motion_config.html) service to control the Raspberry Pi [camera module](https://www.raspberrypi.com/products/camera-module-v2/). This is reflected in the motion config.
|
||||
|
||||
For the IR control we use an [IR shield](https://www.amazon.com/s?k=Raspberry+pi+infrared+expansion+board+IR+transmitter&ref=nb_sb_noss) controlled by the [lircd](https://www.lirc.org/) service. As a note, in order for this to work, you have to set the pinout in the `/boot/config.txt` -- we try to default this in, but you may need to set `gpio_in_pin` and `gpio_out_pin` attributes for your particular board and shield.
|
||||
|
||||
We also set up an SNMPv3 daemon service on the hubs, to work with their IR control. This snmpd requires the Geth OVA to add snmpget using `apk update && apk add net-snmp-tools` from the `Terminal & SSH` add-on. Covers can then be added from the [command-line integration](https://www.home-assistant.io/integrations/command_line/). They'll look something like this:
|
||||
|
||||
```
|
||||
|
||||
```
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
# /etc/lirc/hardware.conf
|
||||
#
|
||||
# Arguments which will be used when launching lircd
|
||||
LIRCD_ARGS="--uinput --listen"
|
||||
|
||||
#Don't start lircmd even if there seems to be a good config file
|
||||
#START_LIRCMD=false
|
||||
|
||||
#Don't start irexec, even if a good config file seems to exist.
|
||||
#START_IREXEC=false
|
||||
|
||||
#Try to load appropriate kernel modules
|
||||
LOAD_MODULES=true
|
||||
|
||||
# Run "lircd --driver=help" for a list of supported drivers.
|
||||
DRIVER="default"
|
||||
# usually /dev/lirc0 is the correct setting for systems using udev
|
||||
DEVICE="/dev/lirc0"
|
||||
MODULES="lirc_rpi"
|
||||
|
||||
# Default configuration files for your hardware if any
|
||||
LIRCD_CONF=""
|
||||
LIRCMD_CONF=""
|
|
@ -0,0 +1,41 @@
|
|||
# These are the default options to lircd, if installed as
|
||||
# /etc/lirc/lirc_options.conf. See the lircd(8) and lircmd(8)
|
||||
# manpages for info on the different options.
|
||||
#
|
||||
# Some tools including mode2 and irw uses values such as
|
||||
# driver, device, plugindir and loglevel as fallback values
|
||||
# in not defined elsewhere.
|
||||
|
||||
[lircd]
|
||||
nodaemon = False
|
||||
driver = default
|
||||
device = /dev/lirc0
|
||||
output = /var/run/lirc/lircd
|
||||
pidfile = /var/run/lirc/lircd.pid
|
||||
plugindir = /usr/lib/arm-linux-gnueabihf/lirc/plugins
|
||||
permission = 666
|
||||
allow-simulate = No
|
||||
repeat-max = 600
|
||||
#effective-user =
|
||||
#listen = [address:]port
|
||||
#connect = host[:port]
|
||||
#loglevel = 6
|
||||
#release = true
|
||||
#release_suffix = _EVUP
|
||||
#logfile = ...
|
||||
#driver-options = ...
|
||||
|
||||
[lircmd]
|
||||
uinput = False
|
||||
nodaemon = False
|
||||
|
||||
# [modinit]
|
||||
# code = /usr/sbin/modprobe lirc_serial
|
||||
# code1 = /usr/bin/setfacl -m g:lirc:rw /dev/uinput
|
||||
# code2 = ...
|
||||
|
||||
|
||||
# [lircd-uinput]
|
||||
# add-release-events = False
|
||||
# release-timeout = 200
|
||||
# release-suffix = _EVUP
|
|
@ -0,0 +1,100 @@
|
|||
|
||||
# Please make this file available to others
|
||||
# by sending it to <lirc@bartelmus.de>
|
||||
#
|
||||
# this config file was automatically generated
|
||||
# using lirc-0.9.0-pre1(default) on Thu Feb 9 18:06:50 2017
|
||||
#
|
||||
# contributed by
|
||||
#
|
||||
# brand: Insignia
|
||||
# model no. of remote control: NS-RC4NA-14
|
||||
# devices being controlled by this remote: TV
|
||||
#
|
||||
|
||||
begin remote
|
||||
|
||||
name NS-RC4NA-14
|
||||
bits 16
|
||||
flags SPACE_ENC|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
header 9102 4441
|
||||
one 640 1623
|
||||
zero 640 496
|
||||
ptrail 639
|
||||
repeat 9103 2189
|
||||
pre_data_bits 16
|
||||
pre_data 0x61A0
|
||||
gap 108350
|
||||
toggle_bit_mask 0x0
|
||||
|
||||
begin codes
|
||||
KEY_POWER 0xF00F
|
||||
KEY_CONFIG 0xB847
|
||||
KEY_VOLUMEUP 0x30CF
|
||||
KEY_VOLUMEDOWN 0xB04F
|
||||
KEY_MUTE 0x708F
|
||||
KEY_ENTER 0x18E7
|
||||
end codes
|
||||
|
||||
end remote
|
||||
|
||||
|
||||
begin remote
|
||||
|
||||
name iRobot_Roomba
|
||||
flags RAW_CODES|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
ptrail 0
|
||||
repeat 0 0
|
||||
gap 91790
|
||||
|
||||
begin raw_codes
|
||||
|
||||
name clean
|
||||
2831 886 972 2709 944 2711
|
||||
943 2710 2743 893 958 2723
|
||||
931 2722 927 19304 2811 897
|
||||
954 2726 927 2726 927 2726
|
||||
2747 889 966 2714 942 2710
|
||||
941
|
||||
|
||||
name spot
|
||||
2855 858 961 2720 935 2718
|
||||
934 2718 937 2716 2744 893
|
||||
960 2721 931 19526 2829 882
|
||||
968 2711 943 2711 942 2710
|
||||
942 2710 2744 893 960 2720
|
||||
934
|
||||
|
||||
name max
|
||||
2818 898 957 2725 931 2723
|
||||
933 2720 936 2718 2749 890
|
||||
966 2714 2748 17722 2831 882
|
||||
961 2720 925 2729 927 2726
|
||||
926 2728 2753 886 968 2713
|
||||
2749
|
||||
|
||||
name power
|
||||
2837 883 970 2711 943 2712
|
||||
942 2711 2747 893 963 2718
|
||||
2755 886 965 19522 2816 895
|
||||
955 2727 928 2726 930 2724
|
||||
2758 883 970 2712 2748 891
|
||||
962
|
||||
|
||||
name pause
|
||||
2823 897 956 2729 933 2723
|
||||
936 2721 2751 889 965 2722
|
||||
937 2721 2748 17726 2828 886
|
||||
970 2713 942 2713 939 2716
|
||||
2753 888 970 2714 942 2713
|
||||
2754
|
||||
|
||||
end raw_codes
|
||||
|
||||
end remote
|
|
@ -0,0 +1,157 @@
|
|||
|
||||
# Please make this file available to others
|
||||
# by sending it to <lirc@bartelmus.de>
|
||||
#
|
||||
# this config file was automatically generated
|
||||
# using lirc-0.9.0-pre1(default) on Thu Jun 29 00:24:26 2017
|
||||
#
|
||||
# contributed by darkfeather@aninix.net
|
||||
#
|
||||
# brand: LG.conf
|
||||
# model no. of remote control: AKB73715608
|
||||
# devices being controlled by this remote: TV
|
||||
#
|
||||
|
||||
begin remote
|
||||
|
||||
name LASKO
|
||||
bits 16
|
||||
flags SPACE_ENC|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
header 9063 4496
|
||||
one 579 1673
|
||||
zero 579 546
|
||||
ptrail 580
|
||||
repeat 9066 2248
|
||||
pre_data_bits 16
|
||||
pre_data 0x20DF
|
||||
gap 108528
|
||||
toggle_bit_mask 0x0
|
||||
|
||||
begin codes
|
||||
KEY_POWER 0x10EF
|
||||
KEY_VOLUMEUP 0x40BF
|
||||
KEY_VOLUMEDOWN 0xC03F
|
||||
KEY_CONFIG 0xD02F
|
||||
KEY_ENTER 0x22DD
|
||||
KEY_MUTE 0x906F
|
||||
end codes
|
||||
|
||||
end remote
|
||||
|
||||
|
||||
|
||||
# Please make this file available to others
|
||||
# by sending it to <lirc@bartelmus.de>
|
||||
#
|
||||
# this config file was automatically generated
|
||||
# using lirc-0.9.0-pre1(default) on Tue May 1 06:40:29 2018
|
||||
#
|
||||
# contributed by
|
||||
#
|
||||
# brand: ./lasko.conf
|
||||
# model no. of remote control:
|
||||
# devices being controlled by this remote:
|
||||
#
|
||||
|
||||
begin remote
|
||||
|
||||
name ./lasko.conf
|
||||
flags RAW_CODES|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
ptrail 413
|
||||
gap 53152
|
||||
|
||||
begin raw_codes
|
||||
|
||||
name KEY_POWER
|
||||
1253 391 1256 391 428 1258
|
||||
1258 424 1226 428 400 1294
|
||||
397 1307 386 1291 398 1295
|
||||
396 1264 429 1289 1230 6912
|
||||
1265 383 1264 427 388 1314
|
||||
1199 425 1230 428 396 1324
|
||||
375 1259 420 1264 423 1312
|
||||
379 1293 397 1261 1259
|
||||
|
||||
name KEY_MUTE
|
||||
1266 374 1256 394 426 1256
|
||||
1259 447 1202 431 397 1294
|
||||
393 1306 388 1292 397 1318
|
||||
373 1261 1258 411 414 7771
|
||||
1261 392 1257 421 395 1268
|
||||
1247 424 1225 431 398 1292
|
||||
398 1294 397 1292 396 1307
|
||||
385 1288 1229 430 397
|
||||
|
||||
name KEY_VOLUMEDOWN
|
||||
1252 395 1258 392 426 1256
|
||||
1258 393 1257 398 430 1293
|
||||
395 1296 395 1267 424 1292
|
||||
1226 432 397 1265 424 7772
|
||||
1260 392 1257 391 426 1258
|
||||
1267 386 1256 400 425 1267
|
||||
427 1300 391 1315 368 1269
|
||||
1262 487 334 1297 387
|
||||
|
||||
name KEY_MOVE
|
||||
1256 394 1253 420 399 1293
|
||||
1224 391 1255 403 424 1265
|
||||
427 1282 411 1294 1224 429
|
||||
396 1292 399 1290 408 7767
|
||||
1256 391 1257 422 396 1268
|
||||
1279 393 1232 393 426 1294
|
||||
396 1263 428 1315 1226 411
|
||||
425 1235 430 1259 427
|
||||
|
||||
end raw_codes
|
||||
|
||||
end remote
|
||||
|
||||
# Please make this file available to others
|
||||
# by sending it to <lirc@bartelmus.de>
|
||||
#
|
||||
# this config file was automatically generated
|
||||
# using lirc-0.9.0-pre1(default) on Thu Feb 9 18:06:50 2017
|
||||
#
|
||||
# contributed by
|
||||
#
|
||||
# brand: Insignia
|
||||
# model no. of remote control: NS-RC4NA-14
|
||||
# devices being controlled by this remote: TV
|
||||
#
|
||||
|
||||
begin remote
|
||||
|
||||
name NS-RC4NA-14
|
||||
bits 16
|
||||
flags SPACE_ENC|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
header 9102 4441
|
||||
one 640 1623
|
||||
zero 640 496
|
||||
ptrail 639
|
||||
repeat 9103 2189
|
||||
pre_data_bits 16
|
||||
pre_data 0x61A0
|
||||
gap 108350
|
||||
toggle_bit_mask 0x0
|
||||
|
||||
begin codes
|
||||
KEY_POWER 0xF00F
|
||||
KEY_CONFIG 0xB847
|
||||
KEY_VOLUMEUP 0x30CF
|
||||
KEY_VOLUMEDOWN 0xB04F
|
||||
KEY_MUTE 0x708F
|
||||
KEY_ENTER 0x18E7
|
||||
end codes
|
||||
|
||||
end remote
|
||||
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
begin remote
|
||||
|
||||
name LG-AKB73715608
|
||||
bits 16
|
||||
flags SPACE_ENC|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
header 9063 4496
|
||||
one 579 1673
|
||||
zero 579 546
|
||||
ptrail 580
|
||||
repeat 9066 2248
|
||||
pre_data_bits 16
|
||||
pre_data 0x20DF
|
||||
gap 108528
|
||||
toggle_bit_mask 0x0
|
||||
|
||||
begin codes
|
||||
KEY_POWER 0x10EF
|
||||
KEY_VOLUMEUP 0x40BF
|
||||
KEY_VOLUMEDOWN 0xC03F
|
||||
KEY_CONFIG 0xD02F
|
||||
KEY_ENTER 0x22DD
|
||||
KEY_MUTE 0x906F
|
||||
end codes
|
||||
|
||||
end remote
|
|
@ -0,0 +1,28 @@
|
|||
begin remote
|
||||
|
||||
name LG-AKB73715608
|
||||
bits 16
|
||||
flags SPACE_ENC|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
header 9063 4496
|
||||
one 579 1673
|
||||
zero 579 546
|
||||
ptrail 580
|
||||
repeat 9066 2248
|
||||
pre_data_bits 16
|
||||
pre_data 0x20DF
|
||||
gap 108528
|
||||
toggle_bit_mask 0x0
|
||||
|
||||
begin codes
|
||||
KEY_POWER 0x10EF
|
||||
KEY_VOLUMEUP 0x40BF
|
||||
KEY_VOLUMEDOWN 0xC03F
|
||||
KEY_CONFIG 0xD02F
|
||||
KEY_ENTER 0x22DD
|
||||
KEY_MUTE 0x906F
|
||||
end codes
|
||||
|
||||
end remote
|
|
@ -0,0 +1,28 @@
|
|||
begin remote
|
||||
|
||||
name NS-RC4NA-14
|
||||
bits 16
|
||||
flags SPACE_ENC|CONST_LENGTH
|
||||
eps 30
|
||||
aeps 100
|
||||
|
||||
header 9102 4441
|
||||
one 640 1623
|
||||
zero 640 496
|
||||
ptrail 639
|
||||
repeat 9103 2189
|
||||
pre_data_bits 16
|
||||
pre_data 0x61A0
|
||||
gap 108350
|
||||
toggle_bit_mask 0x0
|
||||
|
||||
begin codes
|
||||
KEY_POWER 0xF00F
|
||||
KEY_CONFIG 0xB847
|
||||
KEY_VOLUMEUP 0x30CF
|
||||
KEY_VOLUMEDOWN 0xB04F
|
||||
KEY_MUTE 0x708F
|
||||
KEY_ENTER 0x18E7
|
||||
end codes
|
||||
|
||||
end remote
|
|
@ -0,0 +1,174 @@
|
|||
# Rename this distribution example file to motion.conf
|
||||
#
|
||||
# This config file was generated by motion 4.3.2
|
||||
# Documentation: /usr/share/doc/motion/motion_guide.html
|
||||
#
|
||||
# This file contains only the basic configuration options to get a
|
||||
# system working. There are many more options available. Please
|
||||
# consult the documentation for the complete list of all options.
|
||||
#
|
||||
|
||||
############################################################
|
||||
# System control configuration parameters
|
||||
############################################################
|
||||
|
||||
# Start in daemon (background) mode and release terminal.
|
||||
daemon off
|
||||
|
||||
# Start in Setup-Mode, daemon disabled.
|
||||
setup_mode off
|
||||
|
||||
# File to store the process ID.
|
||||
; pid_file value
|
||||
|
||||
# File to write logs messages into. If not defined stderr and syslog is used.
|
||||
log_file /var/log/motion/motion.log
|
||||
|
||||
# Level of log messages [1..9] (EMG, ALR, CRT, ERR, WRN, NTC, INF, DBG, ALL).
|
||||
log_level 6
|
||||
|
||||
# Target directory for pictures, snapshots and movies
|
||||
target_dir /var/lib/motion
|
||||
|
||||
# Video device (e.g. /dev/video0) to be used for capturing.
|
||||
videodevice /dev/video0
|
||||
|
||||
# Parameters to control video device. See motion_guide.html
|
||||
; vid_control_params value
|
||||
|
||||
# The full URL of the network camera stream.
|
||||
; netcam_url value
|
||||
|
||||
# Name of mmal camera (e.g. vc.ril.camera for pi camera).
|
||||
; mmalcam_name value
|
||||
|
||||
# Camera control parameters (see raspivid/raspistill tool documentation)
|
||||
; mmalcam_control_params value
|
||||
|
||||
############################################################
|
||||
# Image Processing configuration parameters
|
||||
############################################################
|
||||
|
||||
# Image width in pixels.
|
||||
width 640
|
||||
|
||||
# Image height in pixels.
|
||||
height 480
|
||||
|
||||
# Maximum number of frames to be captured per second.
|
||||
framerate 15
|
||||
|
||||
# Rotate to fit
|
||||
rotate 90
|
||||
|
||||
# Text to be overlayed in the lower left corner of images
|
||||
text_left GETH-HUB-3
|
||||
|
||||
# Text to be overlayed in the lower right corner of images.
|
||||
text_right %Y-%m-%d\n%T-%q
|
||||
|
||||
############################################################
|
||||
# Motion detection configuration parameters
|
||||
############################################################
|
||||
|
||||
# Always save pictures and movies even if there was no motion.
|
||||
emulate_motion off
|
||||
|
||||
# Threshold for number of changed pixels that triggers motion.
|
||||
threshold 1500
|
||||
|
||||
# Noise threshold for the motion detection.
|
||||
; noise_level 32
|
||||
|
||||
# Despeckle the image using (E/e)rode or (D/d)ilate or (l)abel.
|
||||
despeckle_filter EedDl
|
||||
|
||||
# Number of images that must contain motion to trigger an event.
|
||||
minimum_motion_frames 1
|
||||
|
||||
# Gap in seconds of no motion detected that triggers the end of an event.
|
||||
event_gap 60
|
||||
|
||||
# The number of pre-captured (buffered) pictures from before motion.
|
||||
pre_capture 3
|
||||
|
||||
# Number of frames to capture after motion is no longer detected.
|
||||
post_capture 0
|
||||
|
||||
############################################################
|
||||
# Script execution configuration parameters
|
||||
############################################################
|
||||
|
||||
# Command to be executed when an event starts.
|
||||
; on_event_start value
|
||||
|
||||
# Command to be executed when an event ends.
|
||||
; on_event_end value
|
||||
|
||||
# Command to be executed when a movie file is closed.
|
||||
; on_movie_end value
|
||||
|
||||
############################################################
|
||||
# Picture output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Output pictures when motion is detected
|
||||
picture_output off
|
||||
|
||||
# File name(without extension) for pictures relative to target directory
|
||||
picture_filename %Y%m%d%H%M%S-%q
|
||||
|
||||
############################################################
|
||||
# Movie output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Create movies of motion events.
|
||||
movie_output on
|
||||
|
||||
# Maximum length of movie in seconds.
|
||||
movie_max_time 60
|
||||
|
||||
# The encoding quality of the movie. (0=use bitrate. 1=worst quality, 100=best)
|
||||
movie_quality 45
|
||||
|
||||
# Container/Codec to used for the movie. See motion_guide.html
|
||||
movie_codec mkv
|
||||
|
||||
# File name(without extension) for movies relative to target directory
|
||||
movie_filename %t-%v-%Y%m%d%H%M%S
|
||||
|
||||
############################################################
|
||||
# Webcontrol configuration parameters
|
||||
############################################################
|
||||
|
||||
# Port number used for the webcontrol.
|
||||
webcontrol_port 8080
|
||||
|
||||
# Restrict webcontrol connections to the localhost.
|
||||
webcontrol_localhost on
|
||||
|
||||
# Type of configuration options to allow via the webcontrol.
|
||||
webcontrol_parms 0
|
||||
|
||||
############################################################
|
||||
# Live stream configuration parameters
|
||||
############################################################
|
||||
|
||||
# The port number for the live stream.
|
||||
stream_port 8081
|
||||
|
||||
# Restrict stream connections to the localhost.
|
||||
stream_localhost off
|
||||
|
||||
##############################################################
|
||||
# Camera config files - One for each camera.
|
||||
##############################################################
|
||||
; camera /usr/etc/motion/camera1.conf
|
||||
; camera /usr/etc/motion/camera2.conf
|
||||
; camera /usr/etc/motion/camera3.conf
|
||||
; camera /usr/etc/motion/camera4.conf
|
||||
|
||||
##############################################################
|
||||
# Directory to read '.conf' files for cameras.
|
||||
##############################################################
|
||||
; camera_dir /usr/etc/motion/conf.d
|
|
@ -0,0 +1,174 @@
|
|||
# Rename this distribution example file to motion.conf
|
||||
#
|
||||
# This config file was generated by motion 4.3.2
|
||||
# Documentation: /usr/share/doc/motion/motion_guide.html
|
||||
#
|
||||
# This file contains only the basic configuration options to get a
|
||||
# system working. There are many more options available. Please
|
||||
# consult the documentation for the complete list of all options.
|
||||
#
|
||||
|
||||
############################################################
|
||||
# System control configuration parameters
|
||||
############################################################
|
||||
|
||||
# Start in daemon (background) mode and release terminal.
|
||||
daemon off
|
||||
|
||||
# Start in Setup-Mode, daemon disabled.
|
||||
setup_mode off
|
||||
|
||||
# File to store the process ID.
|
||||
; pid_file value
|
||||
|
||||
# File to write logs messages into. If not defined stderr and syslog is used.
|
||||
log_file /var/log/motion/motion.log
|
||||
|
||||
# Level of log messages [1..9] (EMG, ALR, CRT, ERR, WRN, NTC, INF, DBG, ALL).
|
||||
log_level 6
|
||||
|
||||
# Target directory for pictures, snapshots and movies
|
||||
target_dir /var/lib/motion
|
||||
|
||||
# Video device (e.g. /dev/video0) to be used for capturing.
|
||||
videodevice /dev/video0
|
||||
|
||||
# Parameters to control video device. See motion_guide.html
|
||||
; vid_control_params value
|
||||
|
||||
# The full URL of the network camera stream.
|
||||
; netcam_url value
|
||||
|
||||
# Name of mmal camera (e.g. vc.ril.camera for pi camera).
|
||||
; mmalcam_name value
|
||||
|
||||
# Camera control parameters (see raspivid/raspistill tool documentation)
|
||||
; mmalcam_control_params value
|
||||
|
||||
############################################################
|
||||
# Image Processing configuration parameters
|
||||
############################################################
|
||||
|
||||
# Image width in pixels.
|
||||
width 640
|
||||
|
||||
# Image height in pixels.
|
||||
height 480
|
||||
|
||||
# Maximum number of frames to be captured per second.
|
||||
framerate 15
|
||||
|
||||
# Rotate to fit
|
||||
rotate 90
|
||||
|
||||
# Text to be overlayed in the lower left corner of images
|
||||
text_left GETH-HUB-3
|
||||
|
||||
# Text to be overlayed in the lower right corner of images.
|
||||
text_right %Y-%m-%d\n%T-%q
|
||||
|
||||
############################################################
|
||||
# Motion detection configuration parameters
|
||||
############################################################
|
||||
|
||||
# Always save pictures and movies even if there was no motion.
|
||||
emulate_motion off
|
||||
|
||||
# Threshold for number of changed pixels that triggers motion.
|
||||
threshold 1500
|
||||
|
||||
# Noise threshold for the motion detection.
|
||||
; noise_level 32
|
||||
|
||||
# Despeckle the image using (E/e)rode or (D/d)ilate or (l)abel.
|
||||
despeckle_filter EedDl
|
||||
|
||||
# Number of images that must contain motion to trigger an event.
|
||||
minimum_motion_frames 1
|
||||
|
||||
# Gap in seconds of no motion detected that triggers the end of an event.
|
||||
event_gap 60
|
||||
|
||||
# The number of pre-captured (buffered) pictures from before motion.
|
||||
pre_capture 3
|
||||
|
||||
# Number of frames to capture after motion is no longer detected.
|
||||
post_capture 0
|
||||
|
||||
############################################################
|
||||
# Script execution configuration parameters
|
||||
############################################################
|
||||
|
||||
# Command to be executed when an event starts.
|
||||
; on_event_start value
|
||||
|
||||
# Command to be executed when an event ends.
|
||||
; on_event_end value
|
||||
|
||||
# Command to be executed when a movie file is closed.
|
||||
; on_movie_end value
|
||||
|
||||
############################################################
|
||||
# Picture output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Output pictures when motion is detected
|
||||
picture_output off
|
||||
|
||||
# File name(without extension) for pictures relative to target directory
|
||||
picture_filename %Y%m%d%H%M%S-%q
|
||||
|
||||
############################################################
|
||||
# Movie output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Create movies of motion events.
|
||||
movie_output on
|
||||
|
||||
# Maximum length of movie in seconds.
|
||||
movie_max_time 60
|
||||
|
||||
# The encoding quality of the movie. (0=use bitrate. 1=worst quality, 100=best)
|
||||
movie_quality 45
|
||||
|
||||
# Container/Codec to used for the movie. See motion_guide.html
|
||||
movie_codec mkv
|
||||
|
||||
# File name(without extension) for movies relative to target directory
|
||||
movie_filename %t-%v-%Y%m%d%H%M%S
|
||||
|
||||
############################################################
|
||||
# Webcontrol configuration parameters
|
||||
############################################################
|
||||
|
||||
# Port number used for the webcontrol.
|
||||
webcontrol_port 8080
|
||||
|
||||
# Restrict webcontrol connections to the localhost.
|
||||
webcontrol_localhost on
|
||||
|
||||
# Type of configuration options to allow via the webcontrol.
|
||||
webcontrol_parms 0
|
||||
|
||||
############################################################
|
||||
# Live stream configuration parameters
|
||||
############################################################
|
||||
|
||||
# The port number for the live stream.
|
||||
stream_port 8081
|
||||
|
||||
# Restrict stream connections to the localhost.
|
||||
stream_localhost off
|
||||
|
||||
##############################################################
|
||||
# Camera config files - One for each camera.
|
||||
##############################################################
|
||||
; camera /usr/etc/motion/camera1.conf
|
||||
; camera /usr/etc/motion/camera2.conf
|
||||
; camera /usr/etc/motion/camera3.conf
|
||||
; camera /usr/etc/motion/camera4.conf
|
||||
|
||||
##############################################################
|
||||
# Directory to read '.conf' files for cameras.
|
||||
##############################################################
|
||||
; camera_dir /usr/etc/motion/conf.d
|
|
@ -0,0 +1,174 @@
|
|||
# Rename this distribution example file to motion.conf
|
||||
#
|
||||
# This config file was generated by motion 4.3.2
|
||||
# Documentation: /usr/share/doc/motion/motion_guide.html
|
||||
#
|
||||
# This file contains only the basic configuration options to get a
|
||||
# system working. There are many more options available. Please
|
||||
# consult the documentation for the complete list of all options.
|
||||
#
|
||||
|
||||
############################################################
|
||||
# System control configuration parameters
|
||||
############################################################
|
||||
|
||||
# Start in daemon (background) mode and release terminal.
|
||||
daemon off
|
||||
|
||||
# Start in Setup-Mode, daemon disabled.
|
||||
setup_mode off
|
||||
|
||||
# File to store the process ID.
|
||||
; pid_file value
|
||||
|
||||
# File to write logs messages into. If not defined stderr and syslog is used.
|
||||
log_file /var/log/motion/motion.log
|
||||
|
||||
# Level of log messages [1..9] (EMG, ALR, CRT, ERR, WRN, NTC, INF, DBG, ALL).
|
||||
log_level 6
|
||||
|
||||
# Target directory for pictures, snapshots and movies
|
||||
target_dir /var/lib/motion
|
||||
|
||||
# Video device (e.g. /dev/video0) to be used for capturing.
|
||||
videodevice /dev/video0
|
||||
|
||||
# Parameters to control video device. See motion_guide.html
|
||||
; vid_control_params value
|
||||
|
||||
# The full URL of the network camera stream.
|
||||
; netcam_url value
|
||||
|
||||
# Name of mmal camera (e.g. vc.ril.camera for pi camera).
|
||||
; mmalcam_name value
|
||||
|
||||
# Camera control parameters (see raspivid/raspistill tool documentation)
|
||||
; mmalcam_control_params value
|
||||
|
||||
############################################################
|
||||
# Image Processing configuration parameters
|
||||
############################################################
|
||||
|
||||
# Image width in pixels.
|
||||
width 640
|
||||
|
||||
# Image height in pixels.
|
||||
height 480
|
||||
|
||||
# Maximum number of frames to be captured per second.
|
||||
framerate 15
|
||||
|
||||
# Rotate to fit
|
||||
rotate 90
|
||||
|
||||
# Text to be overlayed in the lower left corner of images
|
||||
text_left GETH-HUB-3
|
||||
|
||||
# Text to be overlayed in the lower right corner of images.
|
||||
text_right %Y-%m-%d\n%T-%q
|
||||
|
||||
############################################################
|
||||
# Motion detection configuration parameters
|
||||
############################################################
|
||||
|
||||
# Always save pictures and movies even if there was no motion.
|
||||
emulate_motion off
|
||||
|
||||
# Threshold for number of changed pixels that triggers motion.
|
||||
threshold 1500
|
||||
|
||||
# Noise threshold for the motion detection.
|
||||
; noise_level 32
|
||||
|
||||
# Despeckle the image using (E/e)rode or (D/d)ilate or (l)abel.
|
||||
despeckle_filter EedDl
|
||||
|
||||
# Number of images that must contain motion to trigger an event.
|
||||
minimum_motion_frames 1
|
||||
|
||||
# Gap in seconds of no motion detected that triggers the end of an event.
|
||||
event_gap 60
|
||||
|
||||
# The number of pre-captured (buffered) pictures from before motion.
|
||||
pre_capture 3
|
||||
|
||||
# Number of frames to capture after motion is no longer detected.
|
||||
post_capture 0
|
||||
|
||||
############################################################
|
||||
# Script execution configuration parameters
|
||||
############################################################
|
||||
|
||||
# Command to be executed when an event starts.
|
||||
; on_event_start value
|
||||
|
||||
# Command to be executed when an event ends.
|
||||
; on_event_end value
|
||||
|
||||
# Command to be executed when a movie file is closed.
|
||||
; on_movie_end value
|
||||
|
||||
############################################################
|
||||
# Picture output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Output pictures when motion is detected
|
||||
picture_output off
|
||||
|
||||
# File name(without extension) for pictures relative to target directory
|
||||
picture_filename %Y%m%d%H%M%S-%q
|
||||
|
||||
############################################################
|
||||
# Movie output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Create movies of motion events.
|
||||
movie_output on
|
||||
|
||||
# Maximum length of movie in seconds.
|
||||
movie_max_time 60
|
||||
|
||||
# The encoding quality of the movie. (0=use bitrate. 1=worst quality, 100=best)
|
||||
movie_quality 45
|
||||
|
||||
# Container/Codec to used for the movie. See motion_guide.html
|
||||
movie_codec mkv
|
||||
|
||||
# File name(without extension) for movies relative to target directory
|
||||
movie_filename %t-%v-%Y%m%d%H%M%S
|
||||
|
||||
############################################################
|
||||
# Webcontrol configuration parameters
|
||||
############################################################
|
||||
|
||||
# Port number used for the webcontrol.
|
||||
webcontrol_port 8080
|
||||
|
||||
# Restrict webcontrol connections to the localhost.
|
||||
webcontrol_localhost on
|
||||
|
||||
# Type of configuration options to allow via the webcontrol.
|
||||
webcontrol_parms 0
|
||||
|
||||
############################################################
|
||||
# Live stream configuration parameters
|
||||
############################################################
|
||||
|
||||
# The port number for the live stream.
|
||||
stream_port 8081
|
||||
|
||||
# Restrict stream connections to the localhost.
|
||||
stream_localhost off
|
||||
|
||||
##############################################################
|
||||
# Camera config files - One for each camera.
|
||||
##############################################################
|
||||
; camera /usr/etc/motion/camera1.conf
|
||||
; camera /usr/etc/motion/camera2.conf
|
||||
; camera /usr/etc/motion/camera3.conf
|
||||
; camera /usr/etc/motion/camera4.conf
|
||||
|
||||
##############################################################
|
||||
# Directory to read '.conf' files for cameras.
|
||||
##############################################################
|
||||
; camera_dir /usr/etc/motion/conf.d
|
|
@ -0,0 +1,147 @@
|
|||
---
|
||||
|
||||
- name: Geth-Hub packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- motion
|
||||
- lirc
|
||||
- snmpd
|
||||
- libcamera-apps
|
||||
- ir-keytable
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
- name: Copy the SSH key
|
||||
authorized_key:
|
||||
user: "{{ ansible_user_id }}"
|
||||
state: present
|
||||
key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/geth.pub') }}"
|
||||
|
||||
- name: Copy the motion config
|
||||
become: yes
|
||||
register: motion_config
|
||||
template:
|
||||
src: "motion.conf.j2"
|
||||
dest: "/etc/motion/motion.conf"
|
||||
|
||||
- name: Create motion log folder
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: motion
|
||||
group: motion
|
||||
mode: 0750
|
||||
loop:
|
||||
- "/var/log/motion"
|
||||
- "/var/run/motion"
|
||||
|
||||
- name: Restart the motion service
|
||||
become: yes
|
||||
when: motion_config.changed and motion_enabled
|
||||
service:
|
||||
name: motion
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: Allow override of motion service
|
||||
become: yes
|
||||
when: not motion_enabled
|
||||
service:
|
||||
name: motion
|
||||
state: stopped
|
||||
enabled: no
|
||||
|
||||
|
||||
# Thanks to https://wiki.geekworm.com/Raspberry_Pi_IR_Control_Expansion_Board for instructions setting up lirc
|
||||
- name: Set the dtoverlay
|
||||
become: yes
|
||||
register: dtoverlay
|
||||
blockinfile:
|
||||
path: "/boot/config.txt"
|
||||
insertafter: EOF
|
||||
marker: "# {mark} Ubiqtorate Managed Block"
|
||||
block: |
|
||||
dtoverlay=gpio-ir,gpio_pin={{ gpio_in_pin | default('18') }}
|
||||
dtoverlay=gpio-ir-tx,gpio_pin={{ gpio_out_pin | default('17') }}
|
||||
start_x=1
|
||||
|
||||
- name: Unset camera autodetect
|
||||
become: yes
|
||||
register: camera_autodetect
|
||||
lineinfile:
|
||||
path: "/boot/config.txt"
|
||||
regexp: "camera_auto_detect"
|
||||
line: "# camera_auto_detect=1"
|
||||
|
||||
- name: Set the dtparam
|
||||
become: yes
|
||||
register: dtparam
|
||||
lineinfile:
|
||||
path: "/boot/config.txt"
|
||||
regexp: "^dtparam="
|
||||
line: "dtparam=gpio_in_pull={{ gpio_in_pull | default('down') }}"
|
||||
|
||||
- name: Copy the modules config
|
||||
become: yes
|
||||
register: modules_config
|
||||
template:
|
||||
src: "modules.j2"
|
||||
dest: "/etc/modules"
|
||||
|
||||
- name: Copy the modules config, part 2
|
||||
become: yes
|
||||
register: modules_config_2
|
||||
template:
|
||||
src: "lirc_rpi.conf.j2"
|
||||
dest: "/etc/modprobe.d/lirc_rpi.conf"
|
||||
|
||||
- name: Reboot if needed
|
||||
become: yes
|
||||
when: modules_config.changed or dtparam.changed or dtoverlay.changed or modules_config_2.changed or camera_autodetect.changed
|
||||
reboot:
|
||||
|
||||
- name: Wait if needed
|
||||
become: yes
|
||||
when: modules_config.changed or dtparam.changed or dtoverlay.changed or modules_config_2.changed
|
||||
wait_for_connection:
|
||||
|
||||
- name: Copy lircd supplemental config
|
||||
register: lircd_supp_config
|
||||
become: yes
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "/etc/lirc/{{ item }}"
|
||||
loop:
|
||||
- hardware.conf
|
||||
- lirc_options.conf
|
||||
|
||||
- name: Copy lircd remote config
|
||||
register: lircd_remote_config
|
||||
become: yes
|
||||
copy:
|
||||
src: "lircd.conf/{{ remote }}"
|
||||
dest: /etc/lirc/lircd.conf
|
||||
|
||||
- name: Start the services
|
||||
when: lircd_supp_config.changed or lircd_remote_config.changed
|
||||
become: yes
|
||||
service:
|
||||
name: lircd
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
||||
|
||||
- name: SNMPD config
|
||||
become: yes
|
||||
template:
|
||||
src: snmpd.conf.j2
|
||||
dest: /etc/snmp/snmpd.conf
|
||||
|
||||
- name: SNMPD service
|
||||
become: yes
|
||||
service:
|
||||
name: snmpd
|
||||
state: restarted
|
||||
enabled: yes
|
|
@ -0,0 +1 @@
|
|||
options gpio_ir_recv gpio_in_pin={{ gpio_in_pin | default('18') }} gpio_out_pin={{ gpio_out_pin | default('17') }}
|
|
@ -0,0 +1,10 @@
|
|||
# /etc/modules: kernel modules to load at boot time.
|
||||
#
|
||||
# This file contains the names of kernel modules that should be loaded
|
||||
# at boot time, one per line. Lines beginning with "#" are ignored.
|
||||
|
||||
# lirc_dev
|
||||
# lirc_rpi gpio_in_pin={{ gpio_in_pin | default('18') }} gpio_out_pin={{ gpio_out_pin | default('17') }}
|
||||
bcm2835-v4l2
|
||||
r8188eu
|
||||
|
|
@ -0,0 +1,176 @@
|
|||
# Rename this distribution example file to motion.conf
|
||||
#
|
||||
# This config file was generated by motion 4.3.2
|
||||
# Documentation: /usr/share/doc/motion/motion_guide.html
|
||||
#
|
||||
# This file contains only the basic configuration options to get a
|
||||
# system working. There are many more options available. Please
|
||||
# consult the documentation for the complete list of all options.
|
||||
#
|
||||
|
||||
############################################################
|
||||
# System control configuration parameters
|
||||
############################################################
|
||||
|
||||
# Start in daemon (background) mode and release terminal.
|
||||
daemon off
|
||||
|
||||
# Start in Setup-Mode, daemon disabled.
|
||||
setup_mode off
|
||||
|
||||
# File to store the process ID.
|
||||
; pid_file value
|
||||
|
||||
# File to write logs messages into. If not defined stderr and syslog is used.
|
||||
log_file /var/log/motion/motion.log
|
||||
|
||||
# Level of log messages [1..9] (EMG, ALR, CRT, ERR, WRN, NTC, INF, DBG, ALL).
|
||||
log_level 6
|
||||
|
||||
# Target directory for pictures, snapshots and movies
|
||||
target_dir /var/lib/motion
|
||||
|
||||
# Video device (e.g. /dev/video0) to be used for capturing.
|
||||
videodevice /dev/video0
|
||||
|
||||
# Parameters to control video device. See motion_guide.html
|
||||
; vid_control_params value
|
||||
|
||||
# The full URL of the network camera stream.
|
||||
; netcam_url value
|
||||
|
||||
# Name of mmal camera (e.g. vc.ril.camera for pi camera).
|
||||
; mmalcam_name value
|
||||
mmalcam_name vc.ril.camera
|
||||
mmalcam_use_still off
|
||||
|
||||
# Camera control parameters (see raspivid/raspistill tool documentation)
|
||||
; mmalcam_control_params value
|
||||
|
||||
############################################################
|
||||
# Image Processing configuration parameters
|
||||
############################################################
|
||||
|
||||
# Image width in pixels.
|
||||
width 1296
|
||||
|
||||
# Image height in pixels.
|
||||
height 972
|
||||
|
||||
# Maximum number of frames to be captured per second.
|
||||
framerate 15
|
||||
|
||||
# Rotate to fit
|
||||
rotate {{ rotate }}
|
||||
|
||||
# Text to be overlayed in the lower left corner of images
|
||||
text_left {{ inventory_hostname }}
|
||||
|
||||
# Text to be overlayed in the lower right corner of images.
|
||||
text_right %Y-%m-%d\n%T-%q
|
||||
|
||||
############################################################
|
||||
# Motion detection configuration parameters
|
||||
############################################################
|
||||
|
||||
# Always save pictures and movies even if there was no motion.
|
||||
emulate_motion off
|
||||
|
||||
# Threshold for number of changed pixels that triggers motion.
|
||||
threshold 1500
|
||||
|
||||
# Noise threshold for the motion detection.
|
||||
; noise_level 32
|
||||
|
||||
# Despeckle the image using (E/e)rode or (D/d)ilate or (l)abel.
|
||||
despeckle_filter EedDl
|
||||
|
||||
# Number of images that must contain motion to trigger an event.
|
||||
minimum_motion_frames 1
|
||||
|
||||
# Gap in seconds of no motion detected that triggers the end of an event.
|
||||
event_gap 60
|
||||
|
||||
# The number of pre-captured (buffered) pictures from before motion.
|
||||
pre_capture 3
|
||||
|
||||
# Number of frames to capture after motion is no longer detected.
|
||||
post_capture 0
|
||||
|
||||
############################################################
|
||||
# Script execution configuration parameters
|
||||
############################################################
|
||||
|
||||
# Command to be executed when an event starts.
|
||||
; on_event_start value
|
||||
|
||||
# Command to be executed when an event ends.
|
||||
; on_event_end value
|
||||
|
||||
# Command to be executed when a movie file is closed.
|
||||
; on_movie_end value
|
||||
|
||||
############################################################
|
||||
# Picture output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Output pictures when motion is detected
|
||||
picture_output off
|
||||
|
||||
# File name(without extension) for pictures relative to target directory
|
||||
picture_filename %Y%m%d%H%M%S-%q
|
||||
|
||||
############################################################
|
||||
# Movie output configuration parameters
|
||||
############################################################
|
||||
|
||||
# Create movies of motion events.
|
||||
movie_output off
|
||||
|
||||
# Maximum length of movie in seconds.
|
||||
movie_max_time 60
|
||||
|
||||
# The encoding quality of the movie. (0=use bitrate. 1=worst quality, 100=best)
|
||||
movie_quality 45
|
||||
|
||||
# Container/Codec to used for the movie. See motion_guide.html
|
||||
movie_codec mkv
|
||||
|
||||
# File name(without extension) for movies relative to target directory
|
||||
movie_filename %t-%v-%Y%m%d%H%M%S
|
||||
|
||||
############################################################
|
||||
# Webcontrol configuration parameters
|
||||
############################################################
|
||||
|
||||
# Port number used for the webcontrol.
|
||||
webcontrol_port 8080
|
||||
|
||||
# Restrict webcontrol connections to the localhost.
|
||||
webcontrol_localhost on
|
||||
|
||||
# Type of configuration options to allow via the webcontrol.
|
||||
webcontrol_parms 0
|
||||
|
||||
############################################################
|
||||
# Live stream configuration parameters
|
||||
############################################################
|
||||
|
||||
# The port number for the live stream.
|
||||
stream_port 8081
|
||||
|
||||
# Restrict stream connections to the localhost.
|
||||
stream_localhost off
|
||||
|
||||
##############################################################
|
||||
# Camera config files - One for each camera.
|
||||
##############################################################
|
||||
; camera /usr/etc/motion/camera1.conf
|
||||
; camera /usr/etc/motion/camera2.conf
|
||||
; camera /usr/etc/motion/camera3.conf
|
||||
; camera /usr/etc/motion/camera4.conf
|
||||
|
||||
##############################################################
|
||||
# Directory to read '.conf' files for cameras.
|
||||
##############################################################
|
||||
; camera_dir /usr/etc/motion/conf.d
|
|
@ -0,0 +1,23 @@
|
|||
sysLocation {{ inventory_hostname }}
|
||||
sysContact {{ organization['admin'] }} <{{ organization['email'] }}>
|
||||
|
||||
sysServices 72
|
||||
|
||||
master agentx
|
||||
|
||||
agentaddress {{ ip }}:161
|
||||
|
||||
view systemonly included .1.3.6.1.2.1.1
|
||||
view systemonly included .1.3.6.1.2.1.25.1
|
||||
view remotecmds included .1
|
||||
|
||||
CreateUser remote SHA {{ passwords[inventory_hostname] }} AES {{ passwords[inventory_hostname] }}
|
||||
|
||||
rouser remote priv .1
|
||||
|
||||
extend -cacheTime 1 power /usr/bin/irsend SEND_ONCE {{ remote }} KEY_POWER
|
||||
extend -cacheTime 1 mute /usr/bin/irsend SEND_ONCE {{ remote }} KEY_MUTE
|
||||
extend -cacheTime 1 volumeup /usr/bin/irsend SEND_ONCE {{ remote }} KEY_VOLUMEUP
|
||||
extend -cacheTime 1 volumedown /usr/bin/irsend SEND_ONCE {{ remote }} KEY_VOLUMEDOWN
|
||||
extend -cacheTime 1 config /usr/bin/irsend SEND_ONCE {{ remote }} KEY_CONFIG
|
||||
extend -cacheTime 1 enter /usr/bin/irsend SEND_ONCE {{ remote }} KEY_ENTER
|
|
@ -0,0 +1,20 @@
|
|||
Geth is a complete automation suite for homes and interaction with the physical world. However, it is not a automatic process, and as such you will need to install it manually.
|
||||
|
||||
# Etymology=The [http://masseffect.wikia.com/wiki/Geth Geth] are a fictional race in the Mass Effect universe. Geth are individual processes running on many platforms. The more devices, the smarter the collective or gestalt consciousness of the entity becomes.
|
||||
|
||||
# Relevant Files and Software
|
||||
You can install Geth with [https://aninix.net/foundation/ConfigPackages ConfigPackages]'s Geth Makefile and configuration.
|
||||
|
||||
A number of devices can be controlled under the gestalt -- see [[Geth/Hardware]] for our experiments with Geth hardware platforms. The configuration.yaml format used by the underlying home-assistant package is very simple, and as such we don't prescriptively install one over the base version. Instead, we include snippets for you to define your own structure.
|
||||
|
||||
We are also considering features such as integrating smart lights with Shadowfeed presence detection and timeslots and requiring wireless presence for RFC door unlocks.
|
||||
|
||||
[file:///var/lib/hass/ Geth configuration] can be tested with the following: <pre> hass --script check_config -c /var/lib/hass</pre>
|
||||
|
||||
# Available Clients
|
||||
See [[WebServer#Clients|this list of clients]] for tools to access this system. The Shadowfeed NAT rules will need to be updated to allow access outside the network, and make sure to follow [https://home-assistant.io/getting-started/securing/ the security checkpoints] before publishing.
|
||||
|
||||
# Equivalents or Competition
|
||||
Most home-automation systems are DIY at the moment, though the [https://nest.com/ NEST] system is one commercial offering.
|
||||
<!--|ref=REFERENCE-->}}
|
||||
[[Category:SSL]]
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
- name: Geth packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- openhab2
|
||||
|
||||
- name:
|
|
@ -0,0 +1,22 @@
|
|||
Grimoire is a PostgreSQL database underlying other systems on the AniNIX, including [AniNIX/Singularity](../Singularity)
|
||||
|
||||
# Etymology
|
||||
A [grimoire](http://en.wikipedia.org/wiki/Grimoire) is historically a collection of magical knowledge and the ability summon spirits or daemons. Similarly, Singularity adds knowledge to be read from the Grimoire, and Wiki includes the methodology to start the daemon processes being run on the network.
|
||||
|
||||
# Relevant Files and Software
|
||||
Grimoire has a user, postgres, with a home directory of `/var/lib/postgres/`. This user's bashrc contains some help text on how to reset passwords and backup databases in PostgreSQL.
|
||||
|
||||
## Backups
|
||||
Backups are provided by [AniNIX/Aether](../Aether). They can be restored with the following:
|
||||
```
|
||||
psql -U dbuser -d db -f backup.sql
|
||||
```
|
||||
|
||||
# Available Clients
|
||||
There are no clients for the Grimoire -- Singularity and Wiki maintain their tables.
|
||||
|
||||
# Additional Reference
|
||||
Make sure to read the [PostgreSQL page on ArchWiki](https://wiki.archlinux.org/index.php/PostgreSQL) to understand how to maintain this system.
|
||||
|
||||
# Tables
|
||||
* Singularity controls the ttrss database.
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
|
||||
- name: Grimoire packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- postgresql
|
||||
|
|
@ -0,0 +1,64 @@
|
|||
IRC is a chat system used by members of the AniNIX network.
|
||||
|
||||
# Etymology
|
||||
[IRC](https://en.wikipedia.org/wiki/IRC) stands for Internet Relay Chat -- it is a method of text-based communication across the network via various servers. IRC has long been the self-hosted communication medium of choice for hackers, developers, and the fringe -- though overall adoption has dropped a bit with the rise of other social media, networks like [Libera](https://libera.chat/) are [still growing](https://royal.pingdom.com/2012/04/24/irc-is-dead-long-live-irc/). IRC is moving to the hacker niche, and we follow along.
|
||||
|
||||
# Relevant Files and Software
|
||||
The configuration for the IRC service is divided into two parts -- the daemon and services.
|
||||
|
||||
## InspIRCd
|
||||
The IRC daemon is powered by [InspIRCd](https://inspircd.org/). Relevant configuration is in `/etc/inspircd/` and it logs to journald.
|
||||
|
||||
## Anope
|
||||
The services component is supplied by [Anope](https://www.anope.org/). Relevant configuration is in [the services.conf](file:///etc/anope/services.conf) and it logs to the [its own log](file:///var/log/anope/).
|
||||
|
||||
Anope also takes backups of [the anope database](file:///var/db/anope/anope.db) to the backups folder in the same location.
|
||||
|
||||
<b>Caution:</b> Anope with version 2.0.3 has some issues with gcc6. If you start encountering segmentation faults with Anope, sign in to `irc://anope.org#anope` (the Anope support IRC network). Script a run of "sudo -u ircd gdb /usr/bin/services core". Enter `r <your flags>` and when it crashes run `bt full`. Quit out of everything and pastebin the file. Provide this to the support staff.
|
||||
|
||||
<b>Caution:</b> Arch's packaged version of Anope may be missing critical LDAP modules. We still install the package, but you may need to use a localized install in /opt to get it working.
|
||||
|
||||
Anope Services' NickServ authentication can be linked to [[Sora|AniNIX::Sora]] for unified credentials.[[Category:LDAP]]
|
||||
|
||||
### Service entities
|
||||
The following entities can be messaged personally (PM'ed) for help with `/msg <entity> help` from inside an IRC client.
|
||||
|
||||
* NickServ will manage IRC nicknames.
|
||||
* HostServ will manage IRC virtual hosts, to mask IP's.
|
||||
* ChanServ will manage IRC channels -- new channels can be registered on the network here.
|
||||
* MemoServ will manage IRC memos (short text-message-like messages between users).
|
||||
|
||||
### Bots
|
||||
|
||||
#### Bitbot
|
||||
|
||||
BitBot is a webhook engine -- we tie it into AniNIX/Yggdrasil and AniNIX/Foundation.
|
||||
|
||||
|
||||
### discord-irc
|
||||
|
||||
Discord-IRC acts as a bridge between our IRC network and Discord -- this lets us integrate with mobile push notifications & lowers the barrier to entry to the network.
|
||||
|
||||
# Available Clients
|
||||
A [simple web client](https://irc.aninix.net) is hosted.
|
||||
|
||||
For more advanced options like logging, you will need to use your own client. All IRC clients will connect to the service by providing the following information:
|
||||
* Host: aninix.net
|
||||
* Port: 6697
|
||||
* The client should accept only valid certificates.
|
||||
* The client should automatically join the #lobby channel.
|
||||
* The client should provide a nickname and NickServ password that the user intends to use.
|
||||
|
||||
### Clients by OS
|
||||
Some example clients can be found here.
|
||||
* Linux hosts are strongly recommended to use [weechat](https://wiki.archlinux.org/index.php/Weechat) inside [tmux](https://wiki.archlinux.org/index.php/Tmux).
|
||||
* Windows hosts can connect to this service using [HexChat](https://hexchat.github.io/).
|
||||
* Mac and iOS hosts can use [Colloquy](http://colloquy.info/downloads.html).
|
||||
* Android hosts can use [AndChat](http://www.duckspike.net/andchat/).
|
||||
|
||||
# Equivalents or Competition
|
||||
Rivals to IRC include other IRC networks like Libera, mail services like [Gmail](https://mail.google.com), and other chat systems like Slack, Microsoft Teams, Discord, Snapchat, WhatsApp, etc. We use Discord to provide new users with a Web-only bridge to the IRC network, but most features are only available within our own network.
|
||||
|
||||
# Additional Reference
|
||||
* [IRCHelp.org for operators](https://www.irchelp.org/ircd/ircopguide.html)
|
||||
* [InspIRCd modes reference](https://docs.inspircd.org/3/user-modes/)
|
|
@ -0,0 +1,17 @@
|
|||
[Unit]
|
||||
Description=AniNIX/IRC daemon
|
||||
Requires=network.target
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PIDFile=/var/lib/inspircd/inspircd.pid
|
||||
ExecStart=/usr/bin/inspircd
|
||||
ExecReload=kill -HUP $MAINPID
|
||||
ExecStop=kill $MAINPID
|
||||
Restart=always
|
||||
User=ircd
|
||||
Group=ircd
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,16 @@
|
|||
[Unit]
|
||||
Description=AniNIX/IRC | Anope Services
|
||||
Requires=network.target
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
PIDFile=/run/anope/anope.pid
|
||||
ExecStart=/opt/anope/bin/services --confdir=/etc/anope/ --dbdir=/opt/anope/data --localedir=/opt/anope/locale --logdir=/var/log/anope --modulesdir=/opt/anope/lib --nofork
|
||||
ExecReload=/bin/kill -1 $MAINPID
|
||||
Restart=always
|
||||
User=ircd
|
||||
Group=ircd
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,15 @@
|
|||
[Unit]
|
||||
Description=AniNIX/IRC Web Client
|
||||
After=network.target irc.service ircservices.service
|
||||
|
||||
[Service]
|
||||
WorkingDirectory=/usr/local/src/KiwiIRC/
|
||||
ExecStart=/bin/sh ./kiwi -f
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
KillMode=control-group
|
||||
Restart=always
|
||||
User=ircd
|
||||
Group=ircd
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
|
||||
- user:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
shell: "{{ daemon_shell | default('/sbin/nologin') }}"
|
||||
local: yes
|
||||
groups: ircd
|
||||
loop:
|
||||
- bitbot
|
||||
- dsbridge
|
||||
- theraven
|
||||
- werewolf
|
||||
|
||||
# Install TheRaven package
|
||||
- package:
|
||||
name:
|
||||
- TheRaven
|
||||
|
||||
- git:
|
||||
repo: 'https://github.com/jesopo/bitbot.git'
|
||||
dest: /usr/local/src/bitbot/
|
||||
clone: yes
|
||||
update: yes
|
||||
|
||||
- git:
|
||||
repo:
|
||||
|
||||
-
|
|
@ -0,0 +1,102 @@
|
|||
---
|
||||
|
||||
- name: Ensure directory permissions
|
||||
become: yes
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ item }}"
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0750
|
||||
loop:
|
||||
- "/var/log/inspircd"
|
||||
- "/etc/inspircd"
|
||||
|
||||
- name: Generate dhparam
|
||||
become: yes
|
||||
command:
|
||||
cmd: openssl dhparam -out /etc/inspircd/dhparams.pem 2048
|
||||
creates: /etc/inspircd/dhparams.pem
|
||||
|
||||
- name: Permissions on dhparam
|
||||
become: yes
|
||||
file:
|
||||
state: file
|
||||
path: /etc/inspircd/dhparams.pem
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0640
|
||||
|
||||
- name: Add ircd user to ssl
|
||||
become: yes
|
||||
user:
|
||||
name: ircd
|
||||
groups: ssl
|
||||
append: yes
|
||||
|
||||
- name: Copy service file
|
||||
become: yes
|
||||
register: servicesfile
|
||||
copy:
|
||||
src: services/irc.service
|
||||
dest: /usr/lib/systemd/system/irc.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Reload services
|
||||
when: servicesfile.changed
|
||||
become: yes
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
|
||||
- name: Copy config and fill in attributes
|
||||
register: templatefiles
|
||||
become: yes
|
||||
template:
|
||||
src: "inspircd/{{ item }}.j2"
|
||||
dest: "/etc/inspircd/{{ item }}"
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0600
|
||||
loop:
|
||||
- inspircd.conf
|
||||
- modules.conf
|
||||
- links.conf
|
||||
- opers.conf
|
||||
- rules.txt
|
||||
- motd.txt
|
||||
|
||||
- name: Tracking directory
|
||||
become: yes
|
||||
file:
|
||||
dest: "/etc/inspircd/data/"
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0750
|
||||
state: directory
|
||||
|
||||
- name: Ensure tracking files
|
||||
become: yes
|
||||
file:
|
||||
dest: "/etc/inspircd/{{ item }}"
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0600
|
||||
loop:
|
||||
- 'data/xline.db'
|
||||
- 'data/permchannels.conf'
|
||||
|
||||
- name: Ensure service running
|
||||
become: yes
|
||||
service:
|
||||
name: irc
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: Reload on config change
|
||||
become: yes
|
||||
when: templatefiles.changed or servicesfile.changed
|
||||
service:
|
||||
name: irc
|
||||
state: reloaded
|
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
|
||||
- name: IRC packages
|
||||
become: yes
|
||||
package:
|
||||
name:
|
||||
- inspircd
|
||||
- anope
|
||||
- TheRaven
|
||||
|
||||
- include_tasks: daemon.yml
|
||||
|
||||
- include_tasks: services.yml
|
||||
|
||||
- include_tasks: web.yml
|
||||
|
||||
#- include_tasks: bots.yml
|
||||
|
|
@ -0,0 +1,65 @@
|
|||
---
|
||||
|
||||
- name: Ensure directory permissions
|
||||
become: yes
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ item }}"
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0700
|
||||
loop:
|
||||
- "/etc/anope"
|
||||
- "/opt/anope"
|
||||
- "/opt/anope/data"
|
||||
- "/var/log/anope"
|
||||
|
||||
- name: Copy config and fill in attributes
|
||||
register: templatefiles
|
||||
become: yes
|
||||
template:
|
||||
src: "anope/{{ item }}.j2"
|
||||
dest: "/etc/anope/{{ item }}"
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0600
|
||||
loop:
|
||||
- botserv.conf
|
||||
- chanserv.conf
|
||||
- global.conf
|
||||
- hostserv.conf
|
||||
- memoserv.conf
|
||||
- modules.conf
|
||||
- nickserv.conf
|
||||
- operserv.conf
|
||||
- services.conf
|
||||
|
||||
- name: Copy service file
|
||||
become: yes
|
||||
register: servicesfile
|
||||
copy:
|
||||
src: services/ircservices.service
|
||||
dest: /usr/lib/systemd/system/ircservices.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Reload services
|
||||
when: servicesfile.changed
|
||||
become: yes
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
|
||||
- name: Ensure service running
|
||||
become: yes
|
||||
service:
|
||||
name: ircservices
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: Reload on config change
|
||||
become: yes
|
||||
when: templatefiles.changed or servicesfile.changed
|
||||
service:
|
||||
name: ircservices
|
||||
state: reloaded
|
|
@ -0,0 +1,58 @@
|
|||
---
|
||||
|
||||
- name: Clone KiwiIRC
|
||||
become: yes
|
||||
git:
|
||||
repo: https://github.com/prawnsalad/KiwiIRC.git
|
||||
dest: /usr/local/src/KiwiIRC
|
||||
update: no
|
||||
|
||||
# Need to capture AniNIX skinning of client as well as client build process.
|
||||
|
||||
- name: Update permissions
|
||||
become: yes
|
||||
file:
|
||||
path: /usr/local/src/KiwiIRC
|
||||
recurse: yes
|
||||
owner: ircd
|
||||
group: ircd
|
||||
|
||||
- name: Populate config
|
||||
become: yes
|
||||
register: config
|
||||
template:
|
||||
src: kiwiirc/config.js.j2
|
||||
dest: /usr/local/src/KiwiIRC/config.js
|
||||
owner: ircd
|
||||
group: ircd
|
||||
mode: 0600
|
||||
|
||||
- name: Copy service file
|
||||
become: yes
|
||||
register: servicesfile
|
||||
copy:
|
||||
src: services/ircweb.service
|
||||
dest: /usr/lib/systemd/system/ircweb.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Reload services
|
||||
when: servicesfile.changed
|
||||
become: yes
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
|
||||
- name: Ensure service running
|
||||
become: yes
|
||||
service:
|
||||
name: ircweb
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: Reload on config change
|
||||
become: yes
|
||||
when: config.changed or servicesfile.changed
|
||||
service:
|
||||
name: ircweb
|
||||
state: reloaded
|
|
@ -0,0 +1,404 @@
|
|||
/*
|
||||
* Example configuration file for BotServ.
|
||||
*/
|
||||
|
||||
/*
|
||||
* First, create the service. If you do not want to have a 'BotServ', but do want the ability to have
|
||||
* ChanServ assigned to channels for the use of fantasy commands, you may delete the below 'service' block.
|
||||
*
|
||||
* Note that deleting a 'service' block for a pseudoclient that is already online will not remove the
|
||||
* client, the client becomes no different from a normal service bot, so you will have to use botserv/bot
|
||||
* to manually delete the client.
|
||||
*
|
||||
* You may then want to map some of the below commands to other services, like placing botserv/bot on
|
||||
* OperServ so you can delete the below client, and mapping assign and unassign to ChanServ so users are
|
||||
* able to control whether or not ChanServ is in the channel. You may also want to map botserv/set/nobot
|
||||
* to OperServ so you can restrict who can assign the other core service clients.
|
||||
*/
|
||||
service
|
||||
{
|
||||
/*
|
||||
* The name of the BotServ client.
|
||||
* If you change this value, you probably want to change the client directive in the configuration for the botserv module too.
|
||||
*/
|
||||
nick = "BotServ"
|
||||
|
||||
/*
|
||||
* The username of the BotServ client.
|
||||
*/
|
||||
user = "services"
|
||||
|
||||
/*
|
||||
* The hostname of the BotServ client.
|
||||
*/
|
||||
host = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The realname of the BotServ client.
|
||||
*/
|
||||
gecos = "Bot Service"
|
||||
|
||||
/*
|
||||
* The modes this client should use.
|
||||
* Do not modify this unless you know what you are doing.
|
||||
*
|
||||
* These modes are very IRCd specific. If left commented, sane defaults
|
||||
* are used based on what protocol module you have loaded.
|
||||
*
|
||||
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||
* not all, usefulness of the client. We will not support you if this client is
|
||||
* unable to do certain things if this option is enabled.
|
||||
*/
|
||||
#modes = "+o"
|
||||
|
||||
/*
|
||||
* An optional comma separated list of channels this service should join. Outside
|
||||
* of log channels this is not very useful, as the service will just idle in the
|
||||
* specified channels, and will not accept any types of commands.
|
||||
*
|
||||
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||
*/
|
||||
#channels = "@#services,#mychan"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core BotServ module.
|
||||
*
|
||||
* Provides essential functionality for BotServ.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "botserv"
|
||||
|
||||
/*
|
||||
* The name of the client that should be BotServ.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
client = "BotServ"
|
||||
|
||||
/*
|
||||
* The default bot options for newly registered channels. Note that changing these options
|
||||
* will have no effect on channels which are already registered. The list must be separated
|
||||
* by spaces.
|
||||
*
|
||||
* The options are:
|
||||
* - dontkickops: Channel operators will be protected against BotServ kicks
|
||||
* - dontkickvoices: Voiced users will be protected against BotServ kicks
|
||||
* - greet: The channel's BotServ bot will greet incoming users that have set a greet
|
||||
* in their NickServ settings
|
||||
* - fantasy: Enables the use of BotServ fantasy commands in the channel
|
||||
*
|
||||
* This directive is optional, if left blank, there will be no defaults.
|
||||
*/
|
||||
defaults = "greet fantasy"
|
||||
|
||||
/*
|
||||
* The minimum number of users there must be in a channel before the bot joins it. The best
|
||||
* value for this setting is 1 or 2. This can be 0, the service bots will not part unless
|
||||
* specifically unassigned, and will keep the channel open.
|
||||
*/
|
||||
minusers = 1
|
||||
|
||||
/*
|
||||
* The bots are currently not affected by any modes or bans when they try to join a channel.
|
||||
* But some people may want to make it act like a real bot, that is, for example, remove all
|
||||
* the bans affecting the bot before joining the channel, remove a ban that affects the bot
|
||||
* set by a user when it is in the channel, and so on. Since it consumes a bit more CPU
|
||||
* time, you should not enable this on larger networks.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#smartjoin = yes
|
||||
|
||||
/*
|
||||
* Modes to set on service bots when they join channels, comment this out for no modes
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
botmodes = "ao"
|
||||
|
||||
/*
|
||||
* User modes to set on service bots. Read the comment about the service:modes directive
|
||||
* on why this can be a bad idea to set.
|
||||
*/
|
||||
#botumodes = "i"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core BotServ commands.
|
||||
*
|
||||
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||
*
|
||||
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
|
||||
/* Give it a help command. */
|
||||
command { service = "BotServ"; name = "HELP"; command = "generic/help"; }
|
||||
|
||||
/*
|
||||
* bs_assign
|
||||
*
|
||||
* Provides the commands:
|
||||
* botserv/assign - Used to assign BotServ bots to channels
|
||||
* botserv/unassign - Used to unassign BotServ bots
|
||||
* botserv/set/nobot - Used to prohibit channels from being assigned BotServ bots.
|
||||
*
|
||||
* Used for assigning and unassigning bots to channels.
|
||||
*/
|
||||
module { name = "bs_assign" }
|
||||
command { service = "BotServ"; name = "ASSIGN"; command = "botserv/assign"; }
|
||||
command { service = "BotServ"; name = "UNASSIGN"; command = "botserv/unassign"; }
|
||||
command { service = "BotServ"; name = "SET NOBOT"; command = "botserv/set/nobot"; permission = "botserv/set/nobot"; }
|
||||
|
||||
/*
|
||||
* bs_autoassign
|
||||
*
|
||||
* Allows service bots to be automatically assigned to channels upon registration.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "bs_autoassign"
|
||||
|
||||
/*
|
||||
* Automatically assign ChanServ to channels upon registration.
|
||||
*/
|
||||
bot = "ChanServ"
|
||||
}
|
||||
|
||||
/*
|
||||
* bs_badwords
|
||||
*
|
||||
* Provides the command botserv/badwords.
|
||||
*
|
||||
* Used for controlling the channel badword list.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "bs_badwords"
|
||||
|
||||
/*
|
||||
* The maximum number of entries a single bad words list can have.
|
||||
*/
|
||||
badwordsmax = 32
|
||||
|
||||
/*
|
||||
* If set, BotServ will use case sensitive checking for badwords.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#casesensitive = yes
|
||||
}
|
||||
command { service = "BotServ"; name = "BADWORDS"; command = "botserv/badwords"; }
|
||||
|
||||
/*
|
||||
* bs_bot
|
||||
*
|
||||
* Provides the command botserv/bot.
|
||||
*
|
||||
* Used for administrating BotServ bots.
|
||||
*/
|
||||
module { name = "bs_bot" }
|
||||
command { service = "BotServ"; name = "BOT"; command = "botserv/bot"; permission = "botserv/bot"; }
|
||||
|
||||
/*
|
||||
* bs_botlist
|
||||
*
|
||||
* Provides the command botserv/botlist.
|
||||
*
|
||||
* Used for listing all available bots.
|
||||
*/
|
||||
module { name = "bs_botlist" }
|
||||
command { service = "BotServ"; name = "BOTLIST"; command = "botserv/botlist"; }
|
||||
|
||||
/*
|
||||
* bs_control
|
||||
*
|
||||
* Provides the commands botserv/act and botserv/say.
|
||||
*
|
||||
* Used for making the bot message a channel.
|
||||
*/
|
||||
module { name = "bs_control" }
|
||||
command { service = "BotServ"; name = "ACT"; command = "botserv/act"; }
|
||||
command { service = "BotServ"; name = "SAY"; command = "botserv/say"; }
|
||||
|
||||
/*
|
||||
* bs_info
|
||||
*
|
||||
* Provides the command botserv/info.
|
||||
*
|
||||
* Used for getting information on bots or channels.
|
||||
*/
|
||||
module { name = "bs_info" }
|
||||
command { service = "BotServ"; name = "INFO"; command = "botserv/info"; }
|
||||
|
||||
/*
|
||||
* bs_kick
|
||||
*
|
||||
* Provides the commands:
|
||||
* botserv/kick - Dummy help wrapper for the KICK command.
|
||||
* botserv/kick/amsg - Configures BotServ's AMSG kicker.
|
||||
* botserv/kick/badwords - Configures BotServ's badwords kicker.
|
||||
* botserv/kick/bolds - Configures BotServ's bold text kiceker.
|
||||
* botserv/kick/caps - Configures BotServ's capital letters kicker.
|
||||
* botserv/kick/colors - Configures BotServ's color kicker.
|
||||
* botserv/kick/flood - Configures BotServ's flood kicker.
|
||||
* botserv/kick/italics - Configures BotServ's italics kicker.
|
||||
* botserv/kick/repeat - Configures BotServ's repeat kicker.
|
||||
* botserv/kick/reverses - Configures BotServ's reverse kicker.
|
||||
* botserv/kick/underlines - Configures BotServ's reverse kicker.
|
||||
* botserv/set/dontkickops - Used for preventing BotServ from kicking channel operators.
|
||||
* botserv/set/dontkickvoices - Used for preventing BotServ from kicking voices.
|
||||
*
|
||||
* Used for configuring what bots should kick for.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "bs_kick"
|
||||
|
||||
/*
|
||||
* The amount of time that data for a user is valid in BotServ. If the data exceeds this time,
|
||||
* it is reset or deleted depending on the case. Do not set it too high, otherwise your
|
||||
* resources will be slightly affected.
|
||||
*/
|
||||
keepdata = 10m
|
||||
|
||||
/*
|
||||
* If set, the bots will use a kick reason that does not state the word when it is kicking.
|
||||
* This is especially useful if you have young people on your network.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
gentlebadwordreason = yes
|
||||
}
|
||||
command { service = "BotServ"; name = "KICK"; command = "botserv/kick"; }
|
||||
command { service = "BotServ"; name = "KICK AMSG"; command = "botserv/kick/amsg"; }
|
||||
command { service = "BotServ"; name = "KICK BADWORDS"; command = "botserv/kick/badwords"; }
|
||||
command { service = "BotServ"; name = "KICK BOLDS"; command = "botserv/kick/bolds"; }
|
||||
command { service = "BotServ"; name = "KICK CAPS"; command = "botserv/kick/caps"; }
|
||||
command { service = "BotServ"; name = "KICK COLORS"; command = "botserv/kick/colors"; }
|
||||
command { service = "BotServ"; name = "KICK FLOOD"; command = "botserv/kick/flood"; }
|
||||
command { service = "BotServ"; name = "KICK ITALICS"; command = "botserv/kick/italics"; }
|
||||
command { service = "BotServ"; name = "KICK REPEAT"; command = "botserv/kick/repeat"; }
|
||||
command { service = "BotServ"; name = "KICK REVERSES"; command = "botserv/kick/reverses"; }
|
||||
command { service = "BotServ"; name = "KICK UNDERLINES"; command = "botserv/kick/underlines"; }
|
||||
|
||||
command { service = "BotServ"; name = "SET DONTKICKOPS"; command = "botserv/set/dontkickops"; }
|
||||
command { service = "BotServ"; name = "SET DONTKICKVOICES"; command = "botserv/set/dontkickvoices"; }
|
||||
|
||||
|
||||
/*
|
||||
* bs_set
|
||||
*
|
||||
* Provides the commands:
|
||||
* botserv/set/private - Used to prohibit specific BotServ bots from being assigned to channels.
|
||||
*/
|
||||
module { name = "bs_set" }
|
||||
command { service = "BotServ"; name = "SET"; command = "botserv/set"; }
|
||||
command { service = "BotServ"; name = "SET BANEXPIRE"; command = "botserv/set/banexpire"; }
|
||||
command { service = "BotServ"; name = "SET PRIVATE"; command = "botserv/set/private"; permission = "botserv/set/private"; }
|
||||
|
||||
/*
|
||||
* greet
|
||||
*
|
||||
* Provides the commands:
|
||||
* botserv/set/greet - Used for enabling or disabling BotServ's greet messages in a channel.
|
||||
* nickserv/set/greet, nickserv/saset/greet - Used for changing a users greet message, which is displayed when they enter channels.
|
||||
*/
|
||||
module { name = "greet" }
|
||||
command { service = "BotServ"; name = "SET GREET"; command = "botserv/set/greet"; }
|
||||
command { service = "NickServ"; name = "SET GREET"; command = "nickserv/set/greet"; }
|
||||
command { service = "NickServ"; name = "SASET GREET"; command = "nickserv/saset/greet"; permission = "nickserv/saset/greet"; }
|
||||
|
||||
/*
|
||||
* GREET privilege.
|
||||
*
|
||||
* Used by 'greet'.
|
||||
*
|
||||
* Users with this privilege have their greet shown when they join channels.
|
||||
*/
|
||||
privilege
|
||||
{
|
||||
name = "GREET"
|
||||
rank = 40
|
||||
level = 5
|
||||
flag = "g"
|
||||
xop = "AOP"
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* fantasy
|
||||
*
|
||||
* Allows 'fantaisist' commands to be used in channels.
|
||||
*
|
||||
* Provides the commands:
|
||||
* botserv/set/fantasy - Used for enabling or disabling BotServ's fantasist commands.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "fantasy"
|
||||
|
||||
/*
|
||||
* Defines the prefixes for fantasy commands in channels. One of these characters will have to be prepended
|
||||
* to all fantasy commands. If you choose "!", for example, fantasy commands will be "!kick",
|
||||
* "!op", etc. This directive is optional, if left out, the default fantasy character is "!".
|
||||
*/
|
||||
#fantasycharacter = "!."
|
||||
}
|
||||
command { service = "BotServ"; name = "SET FANTASY"; command = "botserv/set/fantasy"; }
|
||||
|
||||
/*
|
||||
* Fantasy commands
|
||||
*
|
||||
* Fantasy commands can be executed in channels that have a BotServ bot by prefixing the
|
||||
* command with one of the fantasy characters configured in botserv's fantasycharacter
|
||||
* directive.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
fantasy { name = "ACCESS"; command = "chanserv/access"; }
|
||||
fantasy { name = "AKICK"; command = "chanserv/akick"; }
|
||||
fantasy { name = "AOP"; command = "chanserv/xop"; }
|
||||
fantasy { name = "BAN"; command = "chanserv/ban"; }
|
||||
fantasy { name = "CLONE"; command = "chanserv/clone"; }
|
||||
fantasy { name = "DEHALFOP"; command = "chanserv/modes"; }
|
||||
fantasy { name = "DEOP"; command = "chanserv/modes"; }
|
||||
fantasy { name = "DEOWNER"; command = "chanserv/modes"; }
|
||||
fantasy { name = "DEPROTECT"; command = "chanserv/modes"; }
|
||||
fantasy { name = "DEVOICE"; command = "chanserv/modes"; }
|
||||
fantasy { name = "DOWN"; command = "chanserv/down"; }
|
||||
fantasy { name = "ENFORCE"; command = "chanserv/enforce"; }
|
||||
fantasy { name = "ENTRYMSG"; command = "chanserv/entrymsg"; }
|
||||
fantasy { name = "FLAGS"; command = "chanserv/flags"; }
|
||||
fantasy { name = "HALFOP"; command = "chanserv/modes"; }
|
||||
fantasy { name = "HELP"; command = "generic/help"; prepend_channel = false; }
|
||||
fantasy { name = "HOP"; command = "chanserv/xop"; }
|
||||
fantasy { name = "INFO"; command = "chanserv/info"; prepend_channel = false; }
|
||||
fantasy { name = "INVITE"; command = "chanserv/invite"; }
|
||||
fantasy { name = "K"; command = "chanserv/kick"; }
|
||||
fantasy { name = "KB"; command = "chanserv/ban"; }
|
||||
fantasy { name = "KICK"; command = "chanserv/kick"; }
|
||||
fantasy { name = "LEVELS"; command = "chanserv/levels"; }
|
||||
fantasy { name = "LIST"; command = "chanserv/list"; prepend_channel = false; }
|
||||
fantasy { name = "LOG"; command = "chanserv/log"; }
|
||||
fantasy { name = "MODE"; command = "chanserv/mode"; }
|
||||
fantasy { name = "MUTE"; command = "chanserv/ban"; kick = no; mode = "QUIET"; }
|
||||
fantasy { name = "OP"; command = "chanserv/modes"; }
|
||||
fantasy { name = "OWNER"; command = "chanserv/modes"; }
|
||||
fantasy { name = "PROTECT"; command = "chanserv/modes"; }
|
||||
fantasy { name = "QOP"; command = "chanserv/xop"; }
|
||||
fantasy { name = "SEEN"; command = "chanserv/seen"; prepend_channel = false; }
|
||||
fantasy { name = "SOP"; command = "chanserv/xop"; }
|
||||
fantasy { name = "STATUS"; command = "chanserv/status"; }
|
||||
fantasy { name = "SUSPEND"; command = "chanserv/suspend"; permission = "chanserv/suspend"; }
|
||||
fantasy { name = "SYNC"; command = "chanserv/sync"; }
|
||||
fantasy { name = "TOPIC"; command = "chanserv/topic"; }
|
||||
fantasy { name = "UNBAN"; command = "chanserv/unban"; }
|
||||
fantasy { name = "UNSUSPEND"; command = "chanserv/unsuspend"; permission = "chanserv/suspend"; }
|
||||
fantasy { name = "UP"; command = "chanserv/up"; }
|
||||
fantasy { name = "VOICE"; command = "chanserv/modes"; }
|
||||
fantasy { name = "VOP"; command = "chanserv/xop"; }
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,115 @@
|
|||
/*
|
||||
* Example configuration file for Global.
|
||||
*/
|
||||
|
||||
/*
|
||||
* First, create the service.
|
||||
*/
|
||||
service
|
||||
{
|
||||
/*
|
||||
* The name of the Global client.
|
||||
* If you change this value, you probably want to change the client directive in the configuration for the global module too.
|
||||
*/
|
||||
nick = "Global"
|
||||
|
||||
/*
|
||||
* The username of the Global client.
|
||||
*/
|
||||
user = "services"
|
||||
|
||||
/*
|
||||
* The hostname of the Global client.
|
||||
*/
|
||||
host = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The realname of the Global client.
|
||||
*/
|
||||
gecos = "Global Noticer"
|
||||
|
||||
/*
|
||||
* The modes this client should use.
|
||||
* Do not modify this unless you know what you are doing.
|
||||
*
|
||||
* These modes are very IRCd specific. If left commented, sane defaults
|
||||
* are used based on what protocol module you have loaded.
|
||||
*
|
||||
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||
* not all, usefulness of the client. We will not support you if this client is
|
||||
* unable to do certain things if this option is enabled.
|
||||
*/
|
||||
#modes = "+o"
|
||||
|
||||
/*
|
||||
* An optional comma separated list of channels this service should join. Outside
|
||||
* of log channels this is not very useful, as the service will just idle in the
|
||||
* specified channels, and will not accept any types of commands.
|
||||
*
|
||||
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||
*/
|
||||
#channels = "@#services,#mychan"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core Global module.
|
||||
*
|
||||
* Provides essential functionality for Global.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "global"
|
||||
|
||||
/*
|
||||
* The name of the client that should be Global.
|
||||
*/
|
||||
client = "Global"
|
||||
|
||||
/*
|
||||
* This is the global message that will be sent when Services are being
|
||||
* shutdown/restarted.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#globaloncycledown = "Services are restarting, they will be back shortly - please be good while we're gone"
|
||||
|
||||
/*
|
||||
* This is the global message that will be sent when Services (re)join the
|
||||
* network.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#globaloncycleup = "Services are now back online - have a nice day"
|
||||
|
||||
/*
|
||||
* If set, Services will hide the IRC Operator's nick in a global
|
||||
* message/notice.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#anonymousglobal = yes
|
||||
}
|
||||
|
||||
/*
|
||||
* Core Global commands.
|
||||
*
|
||||
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||
*
|
||||
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
|
||||
/* Give it a help command. */
|
||||
command { service = "Global"; name = "HELP"; command = "generic/help"; }
|
||||
|
||||
/*
|
||||
* gl_global
|
||||
*
|
||||
* Provides the command global/global.
|
||||
*
|
||||
* Used for sending a message to every online user.
|
||||
*/
|
||||
module { name = "gl_global" }
|
||||
command { service = "Global"; name = "GLOBAL"; command = "global/global"; permission = "global/global"; }
|
|
@ -0,0 +1,188 @@
|
|||
/*
|
||||
* Example configuration file for HostServ.
|
||||
*/
|
||||
|
||||
/*
|
||||
* First, create the service.
|
||||
*/
|
||||
service
|
||||
{
|
||||
/*
|
||||
* The name of the HostServ client.
|
||||
* If you change this value, you probably want to change the client directive in the configuration for the hostserv module too.
|
||||
*/
|
||||
nick = "HostServ"
|
||||
|
||||
/*
|
||||
* The username of the HostServ client.
|
||||
*/
|
||||
user = "services"
|
||||
|
||||
/*
|
||||
* The hostname of the HostServ client.
|
||||
*/
|
||||
host = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The realname of the HostServ client.
|
||||
*/
|
||||
gecos = "vHost Service"
|
||||
|
||||
/*
|
||||
* The modes this client should use.
|
||||
* Do not modify this unless you know what you are doing.
|
||||
*
|
||||
* These modes are very IRCd specific. If left commented, sane defaults
|
||||
* are used based on what protocol module you have loaded.
|
||||
*
|
||||
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||
* not all, usefulness of the client. We will not support you if this client is
|
||||
* unable to do certain things if this option is enabled.
|
||||
*/
|
||||
#modes = "+o"
|
||||
|
||||
/*
|
||||
* An optional comma separated list of channels this service should join. Outside
|
||||
* of log channels this is not very useful, as the service will just idle in the
|
||||
* specified channels, and will not accept any types of commands.
|
||||
*
|
||||
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||
*/
|
||||
#channels = "@#services,#mychan"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core HostServ module.
|
||||
*
|
||||
* Provides essential functionality for HostServ.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "hostserv"
|
||||
|
||||
/*
|
||||
* The name of the client that should be HostServ.
|
||||
*/
|
||||
client = "HostServ"
|
||||
|
||||
/*
|
||||
* If enabled, vhosts are activated on users immediately when they are set.
|
||||
*/
|
||||
activate_on_set = false
|
||||
}
|
||||
|
||||
/*
|
||||
* Core HostServ commands.
|
||||
*
|
||||
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||
*
|
||||
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
|
||||
/* Give it a help command. */
|
||||
command { service = "HostServ"; name = "HELP"; command = "generic/help"; }
|
||||
|
||||
/*
|
||||
* hs_del
|
||||
*
|
||||
* Provides the commands hostserv/del and hostserv/delall.
|
||||
*
|
||||
* Used for removing users' vHosts.
|
||||
*/
|
||||
module { name = "hs_del" }
|
||||
command { service = "HostServ"; name = "DEL"; command = "hostserv/del"; permission = "hostserv/del"; }
|
||||
command { service = "HostServ"; name = "DELALL"; command = "hostserv/delall"; permission = "hostserv/del"; }
|
||||
|
||||
/*
|
||||
* hs_group
|
||||
*
|
||||
* Provides the command hostserv/group.
|
||||
*
|
||||
* Used for grouping one vHost to many nicks.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "hs_group"
|
||||
|
||||
/*
|
||||
* Upon nickserv/group, this option syncs the nick's main vHost to the grouped nick.
|
||||
*/
|
||||
syncongroup = false
|
||||
|
||||
/*
|
||||
* This makes vhosts act as if they are per account.
|
||||
*/
|
||||
synconset = false
|
||||
}
|
||||
command { service = "HostServ"; name = "GROUP"; command = "hostserv/group"; }
|
||||
|
||||
/*
|
||||
* hs_list
|
||||
*
|
||||
* Provides the command hostserv/list.
|
||||
*
|
||||
* Used for listing actively set vHosts.
|
||||
*/
|
||||
module { name = "hs_list" }
|
||||
command { service = "HostServ"; name = "LIST"; command = "hostserv/list"; permission = "hostserv/list"; }
|
||||
|
||||
/*
|
||||
* hs_off
|
||||
*
|
||||
* Provides the command hostserv/off.
|
||||
*
|
||||
* Used for turning off your vHost.
|
||||
*/
|
||||
module { name = "hs_off" }
|
||||
command { service = "HostServ"; name = "OFF"; command = "hostserv/off"; }
|
||||
|
||||
/*
|
||||
* hs_on
|
||||
*
|
||||
* Provides the command hostserv/on.
|
||||
*
|
||||
* Used for turning on your vHost.
|
||||
*/
|
||||
module { name = "hs_on" }
|
||||
command { service = "HostServ"; name = "ON"; command = "hostserv/on"; }
|
||||
|
||||
/*
|
||||
* hs_request
|
||||
*
|
||||
* Provides the commands hostserv/request, hostserv/activate, hostserv/reject, and hostserv/waiting.
|
||||
*
|
||||
* Used to manage vHosts requested by users.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "hs_request"
|
||||
|
||||
/*
|
||||
* If set, Services will send a memo to the user requesting a vHost when it's been
|
||||
* approved or rejected.
|
||||
*/
|
||||
memouser = yes
|
||||
|
||||
/*
|
||||
* If set, Services will send a memo to all Services staff when a new vHost is requested.
|
||||
*/
|
||||
memooper = yes
|
||||
}
|
||||
command { service = "HostServ"; name = "REQUEST"; command = "hostserv/request"; }
|
||||
command { service = "HostServ"; name = "ACTIVATE"; command = "hostserv/activate"; permission = "hostserv/set"; }
|
||||
command { service = "HostServ"; name = "REJECT"; command = "hostserv/reject"; permission = "hostserv/set"; }
|
||||
command { service = "HostServ"; name = "WAITING"; command = "hostserv/waiting"; permission = "hostserv/set"; }
|
||||
|
||||
/*
|
||||
* hs_set
|
||||
*
|
||||
* Provides the commands hostserv/set and hostserv/setall.
|
||||
*
|
||||
* Used for setting users' vHosts.
|
||||
*/
|
||||
module { name = "hs_set" }
|
||||
command { service = "HostServ"; name = "SET"; command = "hostserv/set"; permission = "hostserv/set"; }
|
||||
command { service = "HostServ"; name = "SETALL"; command = "hostserv/setall"; permission = "hostserv/set"; }
|
|
@ -0,0 +1,243 @@
|
|||
/*
|
||||
* Example configuration file for MemoServ.
|
||||
*/
|
||||
|
||||
/*
|
||||
* First, create the service.
|
||||
*/
|
||||
service
|
||||
{
|
||||
/*
|
||||
* The name of the MemoServ client.
|
||||
* If you change this value, you probably want to change the client directive in the configuration for the memoserv module too.
|
||||
*/
|
||||
nick = "MemoServ"
|
||||
|
||||
/*
|
||||
* The username of the MemoServ client.
|
||||
*/
|
||||
user = "services"
|
||||
|
||||
/*
|
||||
* The hostname of the MemoServ client.
|
||||
*/
|
||||
host = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The realname of the MemoServ client.
|
||||
*/
|
||||
gecos = "Memo Service"
|
||||
|
||||
/*
|
||||
* The modes this client should use.
|
||||
* Do not modify this unless you know what you are doing.
|
||||
*
|
||||
* These modes are very IRCd specific. If left commented, sane defaults
|
||||
* are used based on what protocol module you have loaded.
|
||||
*
|
||||
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||
* not all, usefulness of the client. We will not support you if this client is
|
||||
* unable to do certain things if this option is enabled.
|
||||
*/
|
||||
#modes = "+o"
|
||||
|
||||
/*
|
||||
* An optional comma separated list of channels this service should join. Outside
|
||||
* of log channels this is not very useful, as the service will just idle in the
|
||||
* specified channels, and will not accept any types of commands.
|
||||
*
|
||||
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||
*/
|
||||
#channels = "@#services,#mychan"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core MemoServ module.
|
||||
*
|
||||
* Provides essential functionality for MemoServ.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "memoserv"
|
||||
/*
|
||||
* The name of the client that should be MemoServ. Clients are configured
|
||||
* with the service blocks.
|
||||
*/
|
||||
client = "MemoServ"
|
||||
|
||||
/*
|
||||
* The maximum number of memos a user is allowed to keep by default. Normal users may set the
|
||||
* limit anywhere between 0 and this value. Services Admins can change it to any value or
|
||||
* disable it.
|
||||
*
|
||||
* This directive is optional, but recommended. If not set, the limit is disabled
|
||||
* by default, and normal users can set any limit they want.
|
||||
*/
|
||||
maxmemos = 20
|
||||
|
||||
/*
|
||||
* The delay between consecutive uses of the MemoServ SEND command. This can help prevent spam
|
||||
* as well as denial-of-service attacks from sending large numbers of memos and filling up disk
|
||||
* space (and memory). The default 3-second wait means a maximum average of 150 bytes of memo
|
||||
* per second per user under the current IRC protocol.
|
||||
*
|
||||
* This directive is optional, but recommended.
|
||||
*/
|
||||
senddelay = 3s
|
||||
}
|
||||
|
||||
/*
|
||||
* Core MemoServ commands.
|
||||
*
|
||||
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||
*
|
||||
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
|
||||
/* Give it a help command. */
|
||||
command { service = "MemoServ"; name = "HELP"; command = "generic/help"; }
|
||||
|
||||
/*
|
||||
* ms_cancel
|
||||
*
|
||||
* Provides the command memoserv/cancel.
|
||||
*
|
||||
* Used to cancel memos already sent but not yet read.
|
||||
*/
|
||||
module { name = "ms_cancel" }
|
||||
command { service = "MemoServ"; name = "CANCEL"; command = "memoserv/cancel"; }
|
||||
|
||||
/*
|
||||
* ms_check
|
||||
*
|
||||
* Provides the command memoserv/check.
|
||||
*
|
||||
* Used to check if a sent memo has been read.
|
||||
*/
|
||||
module { name = "ms_check" }
|
||||
command { service = "MemoServ"; name = "CHECK"; command = "memoserv/check"; }
|
||||
|
||||
/*
|
||||
* ms_del
|
||||
*
|
||||
* Provides the command memoserv/del.
|
||||
*
|
||||
* Used to delete your memos.
|
||||
*/
|
||||
module { name = "ms_del" }
|
||||
command { service = "MemoServ"; name = "DEL"; command = "memoserv/del"; }
|
||||
|
||||
/*
|
||||
* ms_ignore
|
||||
*
|
||||
* Provides the command memoserv/ignore.
|
||||
*
|
||||
* Used to ignore memos from specific users.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ms_ignore"
|
||||
|
||||
/*
|
||||
* The maximum number of entries that may be on a memo ignore list.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
max = 32
|
||||
}
|
||||
command { service = "MemoServ"; name = "IGNORE"; command = "memoserv/ignore"; }
|
||||
|
||||
/*
|
||||
* ms_info
|
||||
*
|
||||
* Provides the command memoserv/info.
|
||||
*
|
||||
* Used to show memo related information about an account or a channel.
|
||||
*/
|
||||
module { name = "ms_info" }
|
||||
command { service = "MemoServ"; name = "INFO"; command = "memoserv/info"; }
|
||||
|
||||
/*
|
||||
* ms_list
|
||||
*
|
||||
* Provides the command memoserv/list.
|
||||
*
|
||||
* Used to list your current memos.
|
||||
*/
|
||||
module { name = "ms_list" }
|
||||
command { service = "MemoServ"; name = "LIST"; command = "memoserv/list"; }
|
||||
|
||||
/*
|
||||
* ms_read
|
||||
*
|
||||
* Provides the command memoserv/read.
|
||||
*
|
||||
* Used to read your memos.
|
||||
*/
|
||||
module { name = "ms_read" }
|
||||
command { service = "MemoServ"; name = "READ"; command = "memoserv/read"; }
|
||||
|
||||
/*
|
||||
* ms_rsend
|
||||
*
|
||||
* Provides the command memoserv/rsend.
|
||||
*
|
||||
* Used to send a memo requiring a receipt be sent back once it is read.
|
||||
*
|
||||
* Requires configuring memoserv:memoreceipt.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "ms_rsend"
|
||||
|
||||
/*
|
||||
* Only allow Services Operators to use ms_rsend.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
operonly = false
|
||||
}
|
||||
#command { service = "MemoServ"; name = "RSEND"; command = "memoserv/rsend"; }
|
||||
|
||||
/*
|
||||
* ms_send
|
||||
*
|
||||
* Provides the command memoserv/send.
|
||||
*
|
||||
* Used to send memos.
|
||||
*/
|
||||
module { name = "ms_send" }
|
||||
command { service = "MemoServ"; name = "SEND"; command = "memoserv/send"; }
|
||||
|
||||
/*
|
||||
* ms_sendall
|
||||
*
|
||||
* Provides the command memoserv/sendall.
|
||||
*
|
||||
* Used to send a mass memo to every registered user.
|
||||
*/
|
||||
module { name = "ms_sendall" }
|
||||
command { service = "MemoServ"; name = "SENDALL"; command = "memoserv/sendall"; permission = "memoserv/sendall"; }
|
||||
|
||||
/*
|
||||
* ms_set
|
||||
*
|
||||
* Provides the command memoserv/set.
|
||||
*
|
||||
* Used to set settings such as how you are notified of new memos, and your memo limit.
|
||||
*/
|
||||
module { name = "ms_set" }
|
||||
command { service = "MemoServ"; name = "SET"; command = "memoserv/set"; }
|
||||
|
||||
/*
|
||||
* ms_staff
|
||||
*
|
||||
* Provides the command memoserv/staff.
|
||||
*
|
||||
* Used to send a memo to all registered staff members.
|
||||
*/
|
||||
module { name = "ms_staff" }
|
||||
command { service = "MemoServ"; name = "STAFF"; command = "memoserv/staff"; permission = "memoserv/staff"; }
|
|
@ -0,0 +1,797 @@
|
|||
/*
|
||||
* [OPTIONAL] Non-Core Modules
|
||||
*
|
||||
* The following blocks are used to load all non-core modules, including 3rd-party modules.
|
||||
* Modules can be prevented from loading by commenting out the line, other modules can be added by
|
||||
* adding a module block. These modules will be loaded prior to Services connecting to your network.
|
||||
*
|
||||
* Note that some of these modules are labeled EXTRA, and must be enabled prior to compiling by
|
||||
* running the 'extras' script on Linux and UNIX.
|
||||
*/
|
||||
|
||||
/*
|
||||
* help
|
||||
*
|
||||
* Provides the command generic/help.
|
||||
*
|
||||
* This is a generic help command that can be used with any client.
|
||||
*/
|
||||
module { name = "help" }
|
||||
|
||||
/*
|
||||
* m_ldap [EXTRA]
|
||||
*
|
||||
* This module allows other modules to use LDAP. By itself, this module does nothing useful.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "m_ldap"
|
||||
|
||||
ldap
|
||||
{
|
||||
server = "ldap://127.0.0.1"
|
||||
port = 389
|
||||
|
||||
/*
|
||||
* Admin credentials used for performing searches and adding users.
|
||||
*/
|
||||
admin_binddn = "uid=binduser,{{ ldap['userou'] }},{{ ldap['orgdn'] }}"
|
||||
admin_password = "{{ secrets['Sora']['bindpassword'] }}"
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* m_ldap_authentication [EXTRA]
|
||||
*
|
||||
* This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use
|
||||
* LDAP to authenticate users. Requires m_ldap.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "m_ldap_authentication"
|
||||
|
||||
/*
|
||||
* The distinguished name used for searching for users's accounts.
|
||||
*/
|
||||
basedn = "{{ ldap['userou'] }},{{ ldap['orgdn'] }}"
|
||||
|
||||
/*
|
||||
* The search filter used to look up users's accounts.
|
||||
* %account is replaced with the user's account.
|
||||
* %object_class is replaced with the object_class configured below.
|
||||
*/
|
||||
search_filter = "uid=%account"
|
||||
|
||||
/*
|
||||
* The object class used by LDAP to store user account information.
|
||||
* This is used for adding new users to LDAP if registration is allowed.
|
||||
*/
|
||||
object_class = "organizationalPerson"
|
||||
|
||||
/*
|
||||
* The attribute value used for account names.
|
||||
*/
|
||||
username_attribute = "uid"
|
||||
|
||||
/*
|
||||
* The attribute value used for email addresses.
|
||||
* This directive is optional.
|
||||
*/
|
||||
email_attribute = "email"
|
||||
|
||||
/*
|
||||
* The attribute value used for passwords.
|
||||
* Used when registering new accounts in LDAP.
|
||||
*/
|
||||
password_attribute = "userPassword"
|
||||
|
||||
/*
|
||||
* If set, the reason to give the users who try to register with nickserv,
|
||||
* including nick registration from grouping.
|
||||
*
|
||||
* If not set, then registration is not blocked.
|
||||
*/
|
||||
#disable_register_reason = "To register on this network, contact a netadmin in #lobby. They will need to add an AniNIX/Sora LDAP account for you."
|
||||
|
||||
/*
|
||||
* If set, the reason to give the users who try to "/msg NickServ SET EMAIL".
|
||||
* If not set, then email changing is not blocked.
|
||||
*/
|
||||
disable_email_reason = "Not allowed -- this network does not use email for account management."
|
||||
}
|
||||
|
||||
/*
|
||||
* m_dns
|
||||
*
|
||||
* Adds support for the DNS protocol. By itself this module does nothing useful,
|
||||
* but other modules such as m_dnsbl and os_dns require this.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_dns"
|
||||
|
||||
/*
|
||||
* The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file.
|
||||
* The below should work fine on all unix like systems. Windows users will have to find their nameservers
|
||||
* from ipconfig /all and put the IP here.
|
||||
*/
|
||||
nameserver = "/etc/resolv.conf"
|
||||
#nameserver = "127.0.0.1"
|
||||
|
||||
/*
|
||||
* How long to wait in seconds before a DNS query has timed out.
|
||||
*/
|
||||
timeout = 5
|
||||
|
||||
|
||||
/* Only edit below if you are expecting to use os_dns or otherwise answer DNS queries. */
|
||||
|
||||
/*
|
||||
* The IP and port services use to listen for DNS queries.
|
||||
* Note that ports less than 1024 are privileged on UNIX/Linux systems, and
|
||||
* require Anope to be started as root. If you do this, it is recommended you
|
||||
* set options:user and options:group so Anope can change users after binding
|
||||
* to this port.
|
||||
*/
|
||||
ip = "0.0.0.0"
|
||||
port = 53
|
||||
|
||||
|
||||
/*
|
||||
* SOA record information.
|
||||
*/
|
||||
|
||||
/* E-mail address of the DNS administrator. */
|
||||
admin = "admin@example.com"
|
||||
|
||||
/* This should be the names of the public facing nameservers serving the records. */
|
||||
nameservers = "ns1.example.com ns2.example.com"
|
||||
|
||||
/* The time slave servers are allowed to cache. This should be reasonably low
|
||||
* if you want your records to be updated without much delay.
|
||||
*/
|
||||
refresh = 3600
|
||||
|
||||
/* A notify block. There should probably be one per nameserver listed in 'nameservers'.
|
||||
*/
|
||||
notify
|
||||
{
|
||||
ip = "192.0.2.0"
|
||||
port = 53
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* m_dnsbl
|
||||
*
|
||||
* Allows configurable DNS blacklists to check connecting users against. If a user
|
||||
* is found on the blacklist they will be immediately banned. This is a crucial module
|
||||
* to prevent bot attacks.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_dnsbl"
|
||||
|
||||
/*
|
||||
* If set, Services will check clients against the DNSBLs when services connect to its uplink.
|
||||
* This is not recommended, and on large networks will open a very large amount of DNS queries.
|
||||
* Whilst services are not drastically affected by this, your nameserver/DNSBL might care.
|
||||
*/
|
||||
check_on_connect = no
|
||||
|
||||
/*
|
||||
* If set, Services will check clients when coming back from a netsplit. This can cause a large number
|
||||
* of DNS queries open at once. Whilst services are not drastically affected by this, your nameserver/DNSBL
|
||||
* might care.
|
||||
*/
|
||||
check_on_netburst = no
|
||||
|
||||
/*
|
||||
* If set, OperServ will add clients found in the DNSBL to the akill list. Without it, OperServ simply sends
|
||||
* a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being fill up by bots.
|
||||
*/
|
||||
add_to_akill = yes
|
||||
|
||||
blacklist
|
||||
{
|
||||
/* Name of the blacklist. */
|
||||
name = "rbl.efnetrbl.org"
|
||||
|
||||
/* How long to set the ban for. */
|
||||
time = 4h
|
||||
|
||||
/* Reason for akill.
|
||||
* %n is the nick of the user
|
||||
* %u is the ident/username of the user
|
||||
* %g is the realname of the user
|
||||
* %h is the hostname of the user
|
||||
* %i is the IP of the user
|
||||
* %r is the reply reason (configured below). Will be nothing if not configured.
|
||||
* %N is the network name set in networkinfo:networkname
|
||||
*/
|
||||
reason = "You are listed in the efnet RBL, visit http://rbl.efnetrbl.org/?i=%i for info"
|
||||
|
||||
/* Replies to ban and their reason. If no relies are configured, all replies get banned. */
|
||||
reply
|
||||
{
|
||||
code = 1
|
||||
reason = "Open Proxy"
|
||||
}
|
||||
|
||||
#reply
|
||||
{
|
||||
code = 2
|
||||
reason = "spamtrap666"
|
||||
}
|
||||
|
||||
#reply
|
||||
{
|
||||
code = 3
|
||||
reason = "spamtrap50"
|
||||
}
|
||||
|
||||
reply
|
||||
{
|
||||
code = 4
|
||||
reason = "TOR"
|
||||
|
||||
/*
|
||||
* If set, users identified to services at the time the result comes back
|
||||
* will not be banned.
|
||||
*/
|
||||
#allow_account = yes
|
||||
}
|
||||
|
||||
reply
|
||||
{
|
||||
code = 5
|
||||
reason = "Drones / Flooding"
|
||||
}
|
||||
}
|
||||
|
||||
#blacklist
|
||||
{
|
||||
name = "dnsbl.dronebl.org"
|
||||
time = 4h
|
||||
reason = "You have a host listed in the DroneBL. For more information, visit http://dronebl.org/lookup_branded?ip=%i&network=%N"
|
||||
}
|
||||
|
||||
/* Exempt localhost from DNSBL checks */
|
||||
exempt { ip = "127.0.0.1" }
|
||||
}
|
||||
|
||||
/*
|
||||
* m_helpchan
|
||||
*
|
||||
* Gives users who are op in the specified help channel usermode +h (helpop).
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_helpchan"
|
||||
|
||||
helpchannel = "#help"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_httpd
|
||||
*
|
||||
* Allows services to serve web pages. By itself, this module does nothing useful.
|
||||
*
|
||||
* Note that using this will allow users to get the IP of your services.
|
||||
* To prevent this we recommend using a reverse proxy or a tunnel.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_httpd"
|
||||
|
||||
httpd
|
||||
{
|
||||
/* Name of this service. */
|
||||
name = "httpd/main"
|
||||
|
||||
/* IP to listen on. */
|
||||
ip = "0.0.0.0"
|
||||
|
||||
/* Port to listen on. */
|
||||
port = 8080
|
||||
|
||||
/* Time before connections to this server are timed out. */
|
||||
timeout = 30
|
||||
|
||||
/* Listen using SSL. Requires an SSL module. */
|
||||
#ssl = yes
|
||||
|
||||
/* If you are using a reverse proxy that sends one of the
|
||||
* extforward_headers set below, set this to its IP.
|
||||
* This allows services to obtain the real IP of users by
|
||||
* reading the forwarded-for HTTP header.
|
||||
*/
|
||||
#extforward_ip = "192.168.0.255"
|
||||
|
||||
/* The header to look for. These probably work as is. */
|
||||
extforward_header = "X-Forwarded-For Forwarded-For"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* m_ldap_oper [EXTRA]
|
||||
*
|
||||
* This module dynamically ties users to Anope opertypes when they identify
|
||||
* via LDAP group membership. Requires m_ldap.
|
||||
*
|
||||
* Note that this doesn't give the user privileges on the IRCd, only in Services.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_ldap_oper"
|
||||
|
||||
/*
|
||||
* An optional binddn to use when searching for groups.
|
||||
* %a is replaced with the account name of the user.
|
||||
*/
|
||||
#binddn = "cn=Manager,dc=anope,dc=org"
|
||||
|
||||
/*
|
||||
* An optional password to bind with.
|
||||
*/
|
||||
#password = "secret"
|
||||
|
||||
/*
|
||||
* The base DN where the groups are.
|
||||
*/
|
||||
basedn = "ou=groups,dc=anope,dc=org"
|
||||
|
||||
/*
|
||||
* The filter to use when searching for users.
|
||||
* %a is replaced with the account name of the user.
|
||||
*/
|
||||
filter = "(member=uid=%a,ou=users,dc=anope,dc=org)"
|
||||
|
||||
/*
|
||||
* The attribute of the group that is the name of the opertype.
|
||||
* The cn attribute should match a known opertype in the config.
|
||||
*/
|
||||
opertype_attribute = "cn"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_mysql [EXTRA]
|
||||
*
|
||||
* This module allows other modules to use MySQL.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_mysql"
|
||||
|
||||
mysql
|
||||
{
|
||||
/* The name of this service. */
|
||||
name = "mysql/main"
|
||||
database = "anope"
|
||||
server = "127.0.0.1"
|
||||
username = "anope"
|
||||
password =
|
||||
port = 3306
|
||||
}
|
||||
}
|
||||
/*
|
||||
* m_redis
|
||||
*
|
||||
* This module allows other modules to use Redis.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_redis"
|
||||
|
||||
/* A redis database */
|
||||
redis
|
||||
{
|
||||
/* The name of this service */
|
||||
name = "redis/main"
|
||||
|
||||
/*
|
||||
* The redis database to use. New connections default to 0.
|
||||
*/
|
||||
db = 0
|
||||
|
||||
ip = "127.0.0.1"
|
||||
port = 6379
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* m_regex_pcre [EXTRA]
|
||||
*
|
||||
* Provides the regex engine regex/pcre, which uses the Perl Compatible Regular Expressions library.
|
||||
*/
|
||||
#module { name = "m_regex_pcre" }
|
||||
|
||||
/*
|
||||
* m_regex_posix [EXTRA]
|
||||
*
|
||||
* Provides the regex engine regex/posix, which uses the POSIX compliant regular expressions.
|
||||
* This is likely the only regex module you will not need extra libraries for.
|
||||
*/
|
||||
#module { name = "m_regex_posix" }
|
||||
|
||||
/*
|
||||
* m_regex_tre [EXTRA]
|
||||
*
|
||||
* Provides the regex engine regex/tre, which uses the TRE regex library.
|
||||
*/
|
||||
#module { name = "m_regex_tre" }
|
||||
|
||||
/*
|
||||
* m_rewrite
|
||||
*
|
||||
* Allows rewriting commands sent to/from clients.
|
||||
*/
|
||||
#module { name = "m_rewrite" }
|
||||
#command
|
||||
{
|
||||
service = "ChanServ"; name = "CLEAR"; command = "rewrite"
|
||||
|
||||
/* Enable m_rewrite. */
|
||||
rewrite = true
|
||||
|
||||
/* Source message to match. A $ can be used to match anything. */
|
||||
rewrite_source = "CLEAR $ USERS"
|
||||
|
||||
/*
|
||||
* Message to rewrite the source message to. A $ followed by a number, eg $0, gets
|
||||
* replaced by the number-th word from the source_message, starting from 0.
|
||||
*/
|
||||
rewrite_target = "KICK $1 *"
|
||||
|
||||
/*
|
||||
* The command description. This only shows up in HELP's output.
|
||||
* Comment this option to prevent the command from showing in the
|
||||
* HELP command.
|
||||
*/
|
||||
rewrite_description = "Clears all users from a channel"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_proxyscan
|
||||
*
|
||||
* This module allows you to scan connecting clients for open proxies.
|
||||
* Note that using this will allow users to get the IP of your services.
|
||||
*
|
||||
* Currently the two supported proxy types are HTTP and SOCKS5.
|
||||
*
|
||||
* The proxy scanner works by attempting to connect to clients when they
|
||||
* connect to the network, and if they have a proxy running instruct it to connect
|
||||
* back to services. If services are able to connect through the proxy to itself
|
||||
* then it knows it is an insecure proxy, and will ban it.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_proxyscan"
|
||||
|
||||
/*
|
||||
* The target IP services tells the proxy to connect back to. This must be a publicly
|
||||
* available IP that remote proxies can connect to.
|
||||
*/
|
||||
#target_ip = "127.0.0.1"
|
||||
|
||||
/*
|
||||
* The port services tells the proxy to connect to.
|
||||
*/
|
||||
target_port = 7226
|
||||
|
||||
/*
|
||||
* The listen IP services listen on for incoming connections from suspected proxies.
|
||||
* This probably will be the same as target_ip, but may not be if you are behind a firewall (NAT).
|
||||
*/
|
||||
#listen_ip = "127.0.0.1"
|
||||
|
||||
/*
|
||||
* The port services should listen on for incoming connections from suspected proxies.
|
||||
* This most likely will be the same as target_port.
|
||||
*/
|
||||
listen_port = 7226
|
||||
|
||||
/*
|
||||
* An optional notice sent to clients upon connect.
|
||||
*/
|
||||
#connect_notice = "We will now scan your host for insecure proxies. If you do not consent to this scan please disconnect immediately."
|
||||
|
||||
/*
|
||||
* Who the notice should be sent from.
|
||||
*/
|
||||
#connect_source = "OperServ"
|
||||
|
||||
/*
|
||||
* If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends
|
||||
* a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being filled up by bots.
|
||||
*/
|
||||
add_to_akill = yes
|
||||
|
||||
/*
|
||||
* How long before connections should be timed out.
|
||||
*/
|
||||
timeout = 5
|
||||
|
||||
proxyscan
|
||||
{
|
||||
/* The type of proxy to check for. A comma separated list is allowed. */
|
||||
type = "HTTP"
|
||||
|
||||
/* The ports to check. */
|
||||
port = "80,8080"
|
||||
|
||||
/* How long to set the ban for. */
|
||||
time = 4h
|
||||
|
||||
/*
|
||||
* The reason to ban the user for.
|
||||
* %h is replaced with the type of proxy found.
|
||||
* %i is replaced with the IP of proxy found.
|
||||
* %p is replaced with the port.
|
||||
*/
|
||||
reason = "You have an open proxy running on your host (%t:%i:%p)"
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* m_sasl
|
||||
*
|
||||
* Some IRCds allow "SASL" authentication to let users identify to Services
|
||||
* during the IRCd user registration process. If this module is loaded, Services will allow
|
||||
* authenticating users through this mechanism. Supported mechanisms are:
|
||||
* PLAIN, EXTERNAL.
|
||||
*/
|
||||
module { name = "m_sasl" }
|
||||
|
||||
/*
|
||||
* m_sasl_dh-aes [EXTRA]
|
||||
*
|
||||
* Add the DH-AES mechanism to SASL.
|
||||
* Requires m_sasl to be loaded.
|
||||
* Requires openssl.
|
||||
*/
|
||||
#module { name = "m_sasl_dh-aes" }
|
||||
|
||||
/*
|
||||
* m_sasl_dh-blowfish [EXTRA]
|
||||
*
|
||||
* Add the DH-BLOWFISH mechanism to SASL.
|
||||
* Requires m_sasl to be loaded.
|
||||
* Requires openssl.
|
||||
*/
|
||||
#module { name = "m_sasl_dh-blowfish" }
|
||||
|
||||
/*
|
||||
* m_ssl_gnutls [EXTRA]
|
||||
*
|
||||
* This module provides SSL services to Anope using GnuTLS, for example to
|
||||
* connect to the uplink server(s) via SSL.
|
||||
*
|
||||
* You may only load either m_ssl_gnutls or m_ssl_openssl, bot not both.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_ssl_gnutls"
|
||||
|
||||
/*
|
||||
* An optional certificate and key for m_ssl_gnutls to give to the uplink.
|
||||
*
|
||||
* You can generate your own certificate and key pair by using:
|
||||
*
|
||||
* certtool --generate-privkey --bits 2048 --outfile anope.key
|
||||
* certtool --generate-self-signed --load-privkey anope.key --outfile anope.crt
|
||||
*
|
||||
*/
|
||||
cert = "data/anope.crt"
|
||||
key = "data/anope.key"
|
||||
|
||||
/*
|
||||
* Diffie-Hellman parameters to use when acting as a server. This is only
|
||||
* required for TLS servers that want to use ephemeral DH cipher suites.
|
||||
*
|
||||
* This is NOT required for Anope to connect to the uplink server(s) via SSL.
|
||||
*
|
||||
* You can generate DH parameters by using:
|
||||
*
|
||||
* certtool --generate-dh-params --bits 2048 --outfile dhparams.pem
|
||||
*
|
||||
*/
|
||||
# dhparams = "data/dhparams.pem"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_ssl_openssl [EXTRA]
|
||||
*
|
||||
* This module provides SSL services to Anope using OpenSSL, for example to
|
||||
* connect to the uplink server(s) via SSL.
|
||||
*
|
||||
* You may only load either m_ssl_openssl or m_ssl_gnutls, bot not both.
|
||||
*
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_ssl_openssl"
|
||||
|
||||
/*
|
||||
* An optional certificate and key for m_ssl_openssl to give to the uplink.
|
||||
*
|
||||
* You can generate your own certificate and key pair by using:
|
||||
*
|
||||
* openssl genrsa -out anope.key 2048
|
||||
* openssl req -new -x509 -key anope.key -out anope.crt -days 1095
|
||||
*/
|
||||
cert = "data/anope.crt"
|
||||
key = "data/anope.key"
|
||||
|
||||
/*
|
||||
* As of 2014 SSL 3.0 is considered insecure, but it might be enabled
|
||||
* on some systems by default for compatibility reasons.
|
||||
* You can use the following option to enable or disable it explicitly.
|
||||
* Leaving this option not set defaults to the default system behavior.
|
||||
*/
|
||||
sslv3 = no
|
||||
}
|
||||
|
||||
/*
|
||||
* m_sql_authentication [EXTRA]
|
||||
*
|
||||
* This module allows authenticating users against an external SQL database using a custom
|
||||
* query.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_sql_authentication"
|
||||
|
||||
/* SQL engine to use. Should be configured elsewhere with m_mysql, m_sqlite, etc. */
|
||||
engine = "mysql/main"
|
||||
|
||||
/* Query to execute to authenticate. A non empty result from this query is considered a success,
|
||||
* and the user will be authenticated.
|
||||
*
|
||||
* @a@ is replaced with the user's account name
|
||||
* @p@ is replaced with the user's password
|
||||
* @n@ is replaced with the user's nickname
|
||||
* @i@ is replaced with the user's IP
|
||||
*
|
||||
* Note that @n@ and @i@ may not always exist in the case of a user identifying outside of the normal
|
||||
* nickserv/identify command, such as through the web panel.
|
||||
*
|
||||
* Furthermore, if a field named email is returned from this query the user's email is
|
||||
* set to its value.
|
||||
*
|
||||
*
|
||||
* We've included some example queries for some popular website/forum systems.
|
||||
*
|
||||
* Drupal 6: "SELECT `mail` AS `email` FROM `users` WHERE `name` = @a@ AND `pass` = MD5(@p@) AND `status` = 1"
|
||||
* e107 cms: "SELECT `user_email` AS `email` FROM `e107_user` WHERE `user_loginname` = @a@ AND `user_password` = MD5(@p@)"
|
||||
* SMF Forum: "SELECT `email_address` AS `email` FROM `smf_members` WHERE `member_name` = @a@ AND `passwd` = SHA1(CONCAT(LOWER(@a@), @p@))"
|
||||
* vBulletin: "SELECT `email` FROM `user` WHERE `username` = @a@ AND `password` = MD5(CONCAT(MD5(@p@), `salt`))"
|
||||
* IP.Board: "SELECT `email` FROM `ibf_members` WHERE `name` = @a@ AND `members_pass_hash` = MD5(CONCAT(MD5(`members_pass_salt`), MD5(@p@)))"
|
||||
*/
|
||||
query = "SELECT `email_addr` AS `email` FROM `my_users` WHERE `username` = @a@ AND `password` = MD5(CONCAT('salt', @p@))"
|
||||
|
||||
/*
|
||||
* If set, the reason to give the users who try to "/msg NickServ REGISTER".
|
||||
* If not set, then registration is not blocked.
|
||||
*/
|
||||
#disable_reason = "To register on this network visit http://some.misconfigured.site/register"
|
||||
|
||||
/*
|
||||
* If set, the reason to give the users who try to "/msg NickServ SET EMAIL".
|
||||
* If not set, then email changing is not blocked.
|
||||
*/
|
||||
#disable_email_reason = "To change your email address visit http://some.misconfigured.site"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_sql_log [EXTRA]
|
||||
*
|
||||
* This module adds an additional target option to log{} blocks
|
||||
* that allows logging Service's logs to SQL. To log to SQL, add
|
||||
* the SQL service name to log:targets prefixed by sql_log:. For
|
||||
* example:
|
||||
*
|
||||
* log
|
||||
* {
|
||||
* targets = "services.log sql_log:mysql/main"
|
||||
* ...
|
||||
* }
|
||||
*
|
||||
* By default this module logs to the table `logs`, and will create
|
||||
* it if it doesn't exist. This module does not create any indexes (keys)
|
||||
* on the table and it is recommended you add them yourself as necessary.
|
||||
*/
|
||||
#module { name = "m_sql_log" }
|
||||
|
||||
/*
|
||||
* m_sql_oper [EXTRA]
|
||||
*
|
||||
* This module allows granting users services operator privileges and possibly IRC Operator
|
||||
* privileges based on an external SQL database using a custom query.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_sql_oper"
|
||||
|
||||
/* SQL engine to use. Should be configured elsewhere with m_mysql, m_sqlite, etc. */
|
||||
engine = "mysql/main"
|
||||
|
||||
/* Query to execute to determine if a user should have operator privileges.
|
||||
* A field named opertype must be returned in order to link the user to their oper type.
|
||||
* The oper types must be configured earlier in services.conf.
|
||||
*
|
||||
* If a field named modes is returned from this query then those modes are set on the user.
|
||||
* Without this, only a simple +o is sent.
|
||||
*
|
||||
* @a@ is replaced with the user's account name
|
||||
* @i@ is replaced with the user's IP
|
||||
*/
|
||||
query = "SELECT `opertype` FROM `my_users` WHERE `user_name` = @a@"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_sqlite [EXTRA]
|
||||
*
|
||||
* This module allows other modules to use SQLite.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_sqlite"
|
||||
|
||||
/* A SQLite database */
|
||||
sqlite
|
||||
{
|
||||
/* The name of this service. */
|
||||
name = "sqlite/main"
|
||||
|
||||
/* The database name, it will be created if it does not exist. */
|
||||
database = "anope.db"
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* webcpanel
|
||||
*
|
||||
* This module creates a web configuration panel that allows users and operators to perform any task
|
||||
* as they could over IRC. If you are using the default configuration you should be able to access
|
||||
* this panel by visiting http://127.0.0.1:8080 in your web browser from the machine Anope is running on.
|
||||
*
|
||||
* This module requires m_httpd.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "webcpanel"
|
||||
|
||||
/* Web server to use. */
|
||||
server = "httpd/main";
|
||||
|
||||
/* Template to use. */
|
||||
template = "default";
|
||||
|
||||
/* Page title. */
|
||||
title = "Anope IRC Services";
|
||||
}
|
||||
|
||||
/*
|
||||
* m_xmlrpc
|
||||
*
|
||||
* Allows remote applications (websites) to execute queries in real time to retrieve data from Anope.
|
||||
* By itself this module does nothing, but allows other modules (m_xmlrpc_main) to receive and send XMLRPC queries.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "m_xmlrpc"
|
||||
|
||||
/* Web service to use. Requires m_httpd. */
|
||||
server = "httpd/main"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_xmlrpc_main
|
||||
*
|
||||
* Adds the main XMLRPC core functions.
|
||||
* Requires m_xmlrpc.
|
||||
*/
|
||||
#module { name = "m_xmlrpc_main" }
|
|
@ -0,0 +1,662 @@
|
|||
/*
|
||||
* Example configuration file for NickServ.
|
||||
*/
|
||||
|
||||
/*
|
||||
* First, create the service.
|
||||
*/
|
||||
service
|
||||
{
|
||||
/*
|
||||
* The name of the NickServ client.
|
||||
* If you change this value, you probably want to change the client directive in the configuration for the nickserv module too.
|
||||
*/
|
||||
nick = "NickServ"
|
||||
|
||||
/*
|
||||
* The username of the NickServ client.
|
||||
*/
|
||||
user = "services"
|
||||
|
||||
/*
|
||||
* The hostname of the NickServ client.
|
||||
*/
|
||||
host = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The realname of the NickServ client.
|
||||
*/
|
||||
gecos = "Nickname Registration Service"
|
||||
|
||||
/*
|
||||
* The modes this client should use.
|
||||
* Do not modify this unless you know what you are doing.
|
||||
*
|
||||
* These modes are very IRCd specific. If left commented, sane defaults
|
||||
* are used based on what protocol module you have loaded.
|
||||
*
|
||||
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||
* not all, usefulness of the client. We will not support you if this client is
|
||||
* unable to do certain things if this option is enabled.
|
||||
*/
|
||||
#modes = "+o"
|
||||
|
||||
/*
|
||||
* An optional comma separated list of channels this service should join. Outside
|
||||
* of log channels this is not very useful, as the service will just idle in the
|
||||
* specified channels, and will not accept any types of commands.
|
||||
*
|
||||
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||
*/
|
||||
#channels = "@#services,#mychan"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core NickServ module.
|
||||
*
|
||||
* Provides essential functionality for NickServ.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "nickserv"
|
||||
|
||||
/*
|
||||
* The name of the client that should be NickServ.
|
||||
*/
|
||||
client = "NickServ"
|
||||
|
||||
/*
|
||||
* Force users to give an e-mail address when they register a nick.
|
||||
*
|
||||
* This directive defaults to "yes" and is recommended to be enabled. This is required if e-mail registration is enabled.
|
||||
*/
|
||||
forceemail = no
|
||||
|
||||
/*
|
||||
* Require users who change their email address to confirm they
|
||||
* own their new email.
|
||||
*/
|
||||
confirmemailchanges = no
|
||||
|
||||
/*
|
||||
* A message sent to users on connect if they use an unregistered nick.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
unregistered_notice = "Your nickname is not registered. If you would like it registered, contact a netadmin (identified by ^) in #lobby to get it registered."
|
||||
|
||||
/*
|
||||
* The default options for newly registered nicks. Note that changing these options
|
||||
* will have no effect on nicks which are already registered. The list must be separated
|
||||
* by spaces.
|
||||
*
|
||||
* The options are:
|
||||
* - killprotect: Kill nick if not identified within 60 seconds
|
||||
* - kill_quick: Kill nick if not identified within 20 seconds, this one overrides the above
|
||||
* option and the above must be specified with this one
|
||||
* - ns_secure: Enable nickname security, requiring the nick's password before any operations
|
||||
* can be done on it
|
||||
* - ns_private: Hide the nick from NickServ's LIST command
|
||||
* - hide_email: Hide's the nick's e-mail address from NickServ's INFO command
|
||||
* - hide_mask: Hide's the nick's last or current user@host from NickServ's INFO command
|
||||
* - hide_quit: Hide's the nick's last quit message
|
||||
* - memo_signon: Notify user if they have a new memo when they sign into the nick
|
||||
* - memo_receive: Notify user if they have a new memo as soon as it's received
|
||||
* - memo_mail: Notify user if they have a new memo by mail
|
||||
* - autoop: User will be automatically opped in channels they enter and have access to
|
||||
* - msg: Services messages will be sent as PRIVMSGs instead of NOTICEs, requires
|
||||
* options:useprivmsg to be enabled as well
|
||||
* - ns_keepmodes: Enables keepmodes, which retains user modes across sessions
|
||||
*
|
||||
* This directive is optional, if left blank, the options will default to ns_secure, memo_signon, and
|
||||
* memo_receive. If you really want no defaults, use "none" by itself as the option.
|
||||
*/
|
||||
defaults = "ns_secure ns_private hide_email hide_mask memo_signon memo_receive autoop killprotect"
|
||||
|
||||
/*
|
||||
* The minimum length of time between consecutive uses of NickServ's REGISTER command. This
|
||||
* directive is optional, but recommended. If not set, this restriction will be disabled.
|
||||
*/
|
||||
regdelay = 30s
|
||||
|
||||
/*
|
||||
* The length of time before a nick's registration expires.
|
||||
*
|
||||
* This directive is optional, but recommended. If not set, the default is 21 days.
|
||||
*/
|
||||
expire = 3650d
|
||||
|
||||
/*
|
||||
* Prevents the use of the ACCESS and CERT (excluding their LIST subcommand), DROP, FORBID, SUSPEND,
|
||||
* GETPASS and SET PASSWORD commands by services operators on other services operators.
|
||||
*
|
||||
* This directive is optional, but recommended.
|
||||
*/
|
||||
secureadmins = yes
|
||||
|
||||
/*
|
||||
* If set, Services will set the channel modes a user has access to upon identifying, assuming
|
||||
* they are not already set.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
modeonid = yes
|
||||
|
||||
/*
|
||||
* If set, Services will set these user modes on any user who identifies.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#modesonid = "+R"
|
||||
|
||||
/*
|
||||
* If set, Services will not show netsplits in the last quit message field
|
||||
* of NickServ's INFO command.
|
||||
*/
|
||||
hidenetsplitquit = no
|
||||
|
||||
/*
|
||||
* If set, is the length of time NickServ's killquick and kill options wait before
|
||||
* forcing users off of protected nicknames.
|
||||
*/
|
||||
killquick = 20s
|
||||
kill = 60s
|
||||
|
||||
/*
|
||||
* If set, forbids the registration of nicks that contain an existing
|
||||
* nick with Services access. For example, if Tester is a Services Oper,
|
||||
* you can't register NewTester or Tester123 unless you are an IRC
|
||||
* Operator.
|
||||
*
|
||||
* NOTE: If you enable this, you will have to be logged in as an IRC
|
||||
* operator in order to register a Services Root nick when setting up
|
||||
* Anope for the first time.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
restrictopernicks = yes
|
||||
|
||||
/*
|
||||
* The username, and possibly hostname, used for fake users created when Services needs to
|
||||
* hold a nickname.
|
||||
*/
|
||||
enforceruser = "enforcer"
|
||||
enforcerhost = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The length of time Services hold nicknames.
|
||||
*
|
||||
* This directive is optional, but recommended. If not set it defaults to 1 minute.
|
||||
*/
|
||||
releasetimeout = 1m
|
||||
|
||||
/*
|
||||
* When a user's nick is forcibly changed to enforce a "nick kill", their new nick will start
|
||||
* with this value. The rest will be made up of 6 or 7 digits.
|
||||
* Make sure this is a valid nick and Nicklen+7 is not longer than the allowed Nicklen on your ircd.
|
||||
*
|
||||
* This directive is optional. If not set it defaults to "Guest"
|
||||
*/
|
||||
guestnickprefix = "Guest"
|
||||
|
||||
/*
|
||||
* If set, Services do not allow ownership of nick names, only ownership of accounts.
|
||||
*/
|
||||
nonicknameownership = no
|
||||
|
||||
/*
|
||||
* The maximum length of passwords
|
||||
*
|
||||
* This directive is optional. If not set it defaults to 32.
|
||||
*/
|
||||
passlen = 32
|
||||
}
|
||||
|
||||
/*
|
||||
* Core NickServ commands.
|
||||
*
|
||||
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||
*
|
||||
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
|
||||
/* Command group configuration for NickServ.
|
||||
*
|
||||
* Commands may optionally be placed into groups to make NickServ's HELP output easier to understand.
|
||||
* Remove the following groups to use the old behavior of simply listing all NickServ commands from HELP.
|
||||
*/
|
||||
command_group
|
||||
{
|
||||
name = "nickserv/admin"
|
||||
description = _("Services Operator commands")
|
||||
}
|
||||
|
||||
/* Give it a help command. */
|
||||
command { service = "NickServ"; name = "HELP"; command = "generic/help"; }
|
||||
|
||||
/*
|
||||
* ns_access
|
||||
*
|
||||
* Provides the command nickserv/access.
|
||||
*
|
||||
* Used for configuring what hosts have access to your account.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_access"
|
||||
|
||||
/*
|
||||
* The maximum number of entries allowed on a nickname's access list.
|
||||
* If not set, the default is 32. This number cannot be set to 0.
|
||||
*/
|
||||
accessmax = 32
|
||||
|
||||
/*
|
||||
* If set, Services will add the usermask of registering users to the access list of their
|
||||
* newly created account. If not set, users will always have to identify to NickServ before
|
||||
* being recognized, unless they manually add an address to the access list of their account.
|
||||
* This directive is optional.
|
||||
*/
|
||||
addaccessonreg = yes
|
||||
}
|
||||
command { service = "NickServ"; name = "ACCESS"; command = "nickserv/access"; }
|
||||
|
||||
/*
|
||||
* ns_ajoin
|
||||
*
|
||||
* Provides the command nickserv/ajoin.
|
||||
*
|
||||
* Used for configuring channels to join once you identify.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_ajoin"
|
||||
|
||||
/*
|
||||
* The maximum number of channels a user can have on NickServ's AJOIN command.
|
||||
*/
|
||||
ajoinmax = 50
|
||||
}
|
||||
command { service = "NickServ"; name = "AJOIN"; command = "nickserv/ajoin"; }
|
||||
|
||||
/*
|
||||
* ns_alist
|
||||
*
|
||||
* Provides the command nickserv/alist.
|
||||
*
|
||||
* Used for viewing what channels you have access to.
|
||||
*/
|
||||
module { name = "ns_alist" }
|
||||
command { service = "NickServ"; name = "ALIST"; command = "nickserv/alist"; }
|
||||
|
||||
/*
|
||||
* ns_cert
|
||||
*
|
||||
* Provides the command nickserv/cert.
|
||||
*
|
||||
* Used for configuring your SSL certificate list, which can be used to automatically identify you.
|
||||
*
|
||||
module
|
||||
{
|
||||
name = "ns_cert"
|
||||
|
||||
/*
|
||||
* The maximum number of entries allowed on a nickname's certificate fingerprint list.
|
||||
* The default is 5. This number cannot be set to 0.
|
||||
*
|
||||
max = 5
|
||||
}
|
||||
command { service = "NickServ"; name = "CERT"; command = "nickserv/cert"; }
|
||||
*/
|
||||
/*
|
||||
* ns_drop
|
||||
*
|
||||
* Provides the command nickserv/drop.
|
||||
*
|
||||
* Used for unregistering names.
|
||||
*/
|
||||
module { name = "ns_drop" }
|
||||
command { service = "NickServ"; name = "DROP"; command = "nickserv/drop"; }
|
||||
|
||||
/*
|
||||
* ns_getemail
|
||||
*
|
||||
* Provides the command nickserv/getemail.
|
||||
*
|
||||
* Used for getting registered accounts by searching for emails.
|
||||
*/
|
||||
module { name = "ns_getemail" }
|
||||
command { service = "NickServ"; name = "GETEMAIL"; command = "nickserv/getemail"; permission = "nickserv/getemail"; group = "nickserv/admin"; }
|
||||
|
||||
/*
|
||||
* ns_getpass
|
||||
*
|
||||
* Provides the command nickserv/getpass.
|
||||
*
|
||||
* Used for getting users passwords.
|
||||
*
|
||||
* Requires no encryption is being used.
|
||||
*/
|
||||
#module { name = "ns_getpass" }
|
||||
#command { service = "NickServ"; name = "GETPASS"; command = "nickserv/getpass"; permission = "nickserv/getpass"; }
|
||||
|
||||
/*
|
||||
* ns_group
|
||||
*
|
||||
* Provides the commands nickserv/group, nickserv/glist, and nickserv/ungroup.
|
||||
*
|
||||
* Used for controlling nick groups.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_group"
|
||||
|
||||
/*
|
||||
* The maximum number of nicks allowed in a group.
|
||||
*
|
||||
* This directive is optional, but recommended. If not set or set to 0, no limits will be applied.
|
||||
*/
|
||||
maxaliases = 16
|
||||
|
||||
/*
|
||||
* If set, the NickServ GROUP command won't allow any group changes. This is recommended to
|
||||
* prevent users from accidentally dropping their nicks, as it forces users to explicitly
|
||||
* drop their nicks before adding it to another group.
|
||||
*
|
||||
* This directive is optional, but recommended.
|
||||
*/
|
||||
nogroupchange = yes
|
||||
}
|
||||
command { service = "NickServ"; name = "GLIST"; command = "nickserv/glist"; }
|
||||
command { service = "NickServ"; name = "GROUP"; command = "nickserv/group"; }
|
||||
command { service = "NickServ"; name = "UNGROUP"; command = "nickserv/ungroup"; }
|
||||
|
||||
/*
|
||||
* ns_identify
|
||||
*
|
||||
* Provides the command nickserv/identify.
|
||||
*
|
||||
* Used for identifying to accounts.
|
||||
*/
|
||||
module { name = "ns_identify" }
|
||||
command { service = "NickServ"; name = "ID"; command = "nickserv/identify"; hide = true; }
|
||||
command { service = "NickServ"; name = "IDENTIFY"; command = "nickserv/identify"; }
|
||||
|
||||
/*
|
||||
* ns_info
|
||||
*
|
||||
* Provides the commands:
|
||||
* nickserv/info. - Used for gathering information about an account.
|
||||
* nickserv/set/hide, nickserv/saset/hide - Used for configuring which options are publically shown in nickserv/info.
|
||||
*
|
||||
*/
|
||||
module { name = "ns_info" }
|
||||
command { service = "NickServ"; name = "INFO"; command = "nickserv/info"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET HIDE"; command = "nickserv/set/hide"; }
|
||||
command { service = "NickServ"; name = "SASET HIDE"; command = "nickserv/saset/hide"; permission = "nickserv/saset/hide"; }
|
||||
|
||||
|
||||
/*
|
||||
* ns_list
|
||||
*
|
||||
* Provides the commands:
|
||||
* nickserv/list - Used for retrieving and searching the registered account list.
|
||||
* nickserv/set/private, nickserv/saset/private - Used for configuring whether or a users account shows up in nickserv/list.
|
||||
*
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_list"
|
||||
|
||||
/*
|
||||
* The maximum number of nicks to be returned for a NickServ LIST command.
|
||||
*/
|
||||
listmax = 50
|
||||
}
|
||||
command { service = "NickServ"; name = "LIST"; command = "nickserv/list"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET PRIVATE"; command = "nickserv/set/private"; }
|
||||
command { service = "NickServ"; name = "SASET PRIVATE"; command = "nickserv/saset/private"; permission = "nickserv/saset/private"; }
|
||||
|
||||
|
||||
/*
|
||||
* ns_logout
|
||||
*
|
||||
* Provides the command nickserv/logout.
|
||||
*
|
||||
* Used for logging out of your account.
|
||||
*/
|
||||
module { name = "ns_logout" }
|
||||
command { service = "NickServ"; name = "LOGOUT"; command = "nickserv/logout"; }
|
||||
|
||||
/*
|
||||
* ns_recover
|
||||
*
|
||||
* Provides the command nickserv/recover.
|
||||
*
|
||||
* Used for recovering your nick from services or another user.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_recover"
|
||||
|
||||
/*
|
||||
* If set, Services will svsnick and svsjoin users who use the recover
|
||||
* command on an identified user to the nick and channels of the recovered user.
|
||||
*
|
||||
* This directive is opional.
|
||||
*/
|
||||
restoreonrecover = yes
|
||||
}
|
||||
command { service = "NickServ"; name = "RECOVER"; command = "nickserv/recover"; }
|
||||
# Uncomment below to emulate 1.8's behavior of ghost and release.
|
||||
#command { service = "NickServ"; name = "GHOST"; command = "nickserv/recover"; }
|
||||
#command { service = "NickServ"; name = "RELEASE"; command = "nickserv/recover"; }
|
||||
|
||||
/*
|
||||
* ns_register
|
||||
*
|
||||
* Provides the commands nickserv/confirm, nickserv/register, and nickserv/resend.
|
||||
*
|
||||
* Used for registering accounts.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_register"
|
||||
|
||||
/*
|
||||
* Registration confirmation setting. Set to "none" for no registration confirmation,
|
||||
* "mail" for email confirmation, and "admin" to have services operators manually confirm
|
||||
* every registration. Set to "disable" to completely disable all registrations.
|
||||
*/
|
||||
registration = "none"
|
||||
|
||||
/*
|
||||
* The minimum length of time between consecutive uses of NickServ's RESEND command.
|
||||
*
|
||||
* This directive is optional, but recommended. If not set, this restriction will be disabled.
|
||||
*/
|
||||
resenddelay = 90s
|
||||
|
||||
/*
|
||||
* Prevents users from registering their nick if they are not connected
|
||||
* for at least the given number of seconds.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#nickregdelay = 30s
|
||||
|
||||
/*
|
||||
* The length of time a user using an unconfirmed account has
|
||||
* before the account will be released for general use again.
|
||||
*/
|
||||
#unconfirmedexpire = 1d
|
||||
}
|
||||
#command { service = "NickServ"; name = "CONFIRM"; command = "nickserv/confirm"; }
|
||||
command { service = "NickServ"; name = "REGISTER"; command = "nickserv/register"; }
|
||||
#command { service = "NickServ"; name = "RESEND"; command = "nickserv/resend"; }
|
||||
|
||||
/*
|
||||
* ns_resetpass
|
||||
*
|
||||
* Provides the command nickserv/resetpass.
|
||||
*
|
||||
* Used for resetting passwords by emailing users a temporary one.
|
||||
*/
|
||||
/*module { name = "ns_resetpass" }
|
||||
command { service = "NickServ"; name = "RESETPASS"; command = "nickserv/resetpass"; }
|
||||
*/
|
||||
|
||||
/*
|
||||
* ns_set
|
||||
*
|
||||
* Provides the commands:
|
||||
* nickserv/set, nickserv/saset - Dummy help wrappers for the SET and SASET commands.
|
||||
* nickserv/set/autoop, nickserv/saset/autoop - Determines whether or not modes are automatically set users when joining a channel.
|
||||
* nickserv/set/display, nickserv/saset/display - Used for setting a users display name.
|
||||
* nickserv/set/email, nickserv/saset/email - Used for setting a users email address.
|
||||
* nickserv/set/keepmodes, nickserv/saset/keepmodes - Configure whether or not services should retain a user's modes across sessions.
|
||||
* nickserv/set/kill, nickserv/saset/kill - Used for configuring nickname protection.
|
||||
* nickserv/set/language, nickserv/saset/language - Used for configuring what language services use.
|
||||
* nickserv/set/message, nickserv/saset/message - Used to configure how services send messages to you.
|
||||
* nickserv/set/password, nickserv/saset/password - Used for changing a users password.
|
||||
* nickserv/set/secure, nickserv/saset/secure - Used for configuring whether a user can identify by simply being recognized by nickserv/access.
|
||||
* nickserv/saset/noexpire - Used for configuring noexpire, which prevents nicks from expiring.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_set"
|
||||
|
||||
/*
|
||||
* Allow the use of the IMMED option in the NickServ SET KILL command.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#allowkillimmed = yes
|
||||
}
|
||||
|
||||
command { service = "NickServ"; name = "SET"; command = "nickserv/set"; }
|
||||
command { service = "NickServ"; name = "SASET"; command = "nickserv/saset"; permission = "nickserv/saset/"; group = "nickserv/admin"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET AUTOOP"; command = "nickserv/set/autoop"; }
|
||||
command { service = "NickServ"; name = "SASET AUTOOP"; command = "nickserv/saset/autoop"; permission = "nickserv/saset/autoop"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET DISPLAY"; command = "nickserv/set/display"; }
|
||||
command { service = "NickServ"; name = "SASET DISPLAY"; command = "nickserv/saset/display"; permission = "nickserv/saset/display"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET EMAIL"; command = "nickserv/set/email"; }
|
||||
command { service = "NickServ"; name = "SASET EMAIL"; command = "nickserv/saset/email"; permission = "nickserv/saset/email"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET KEEPMODES"; command = "nickserv/set/keepmodes"; }
|
||||
command { service = "NickServ"; name = "SASET KEEPMODES"; command = "nickserv/saset/keepmodes"; permission = "nickserv/saset/keepmodes"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET KILL"; command = "nickserv/set/kill"; }
|
||||
command { service = "NickServ"; name = "SASET KILL"; command = "nickserv/saset/kill"; permission = "nickserv/saset/kill"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET LANGUAGE"; command = "nickserv/set/language"; }
|
||||
command { service = "NickServ"; name = "SASET LANGUAGE"; command = "nickserv/saset/language"; permission = "nickserv/saset/language"; }
|
||||
|
||||
command { service = "NickServ"; name = "SET MESSAGE"; command = "nickserv/set/message"; }
|
||||
command { service = "NickServ"; name = "SASET MESSAGE"; command = "nickserv/saset/message"; permission = "nickserv/saset/message"; }
|
||||
|
||||
/* command { service = "NickServ"; name = "SET PASSWORD"; command = "nickserv/set/password"; }
|
||||
command { service = "NickServ"; name = "SASET PASSWORD"; command = "nickserv/saset/password"; permission = "nickserv/saset/password"; }
|
||||
*/
|
||||
command { service = "NickServ"; name = "SET SECURE"; command = "nickserv/set/secure"; }
|
||||
command { service = "NickServ"; name = "SASET SECURE"; command = "nickserv/saset/secure"; permission = "nickserv/saset/secure"; }
|
||||
|
||||
command { service = "NickServ"; name = "SASET NOEXPIRE"; command = "nickserv/saset/noexpire"; permission = "nickserv/saset/noexpire"; }
|
||||
|
||||
|
||||
/*
|
||||
* ns_set_misc
|
||||
*
|
||||
* Provides the command nickserv/set/misc.
|
||||
*
|
||||
* Allows you to create arbitrary commands to set data, and have that data show up in nickserv/info.
|
||||
* A field named misc_description may be given for use with help output.
|
||||
*/
|
||||
module { name = "ns_set_misc" }
|
||||
command { service = "NickServ"; name = "SET URL"; command = "nickserv/set/misc"; misc_description = _("Associate a URL with your account"); }
|
||||
command { service = "NickServ"; name = "SASET URL"; command = "nickserv/saset/misc"; misc_description = _("Associate a URL with this account"); permission = "nickserv/saset/url"; group = "nickserv/admin"; }
|
||||
#command { service = "NickServ"; name = "SET ICQ"; command = "nickserv/set/misc"; misc_description = _("Associate an ICQ account with your account"); }
|
||||
#command { service = "NickServ"; name = "SASET ICQ"; command = "nickserv/saset/misc"; misc_description = _("Associate an ICQ account with this account"); permission = "nickserv/saset/icq"; group = "nickserv/admin"; }
|
||||
#command { service = "NickServ"; name = "SET TWITTER"; command = "nickserv/set/misc"; misc_description = _("Associate a Twitter account with your account"); }
|
||||
#command { service = "NickServ"; name = "SASET TWITTER"; command = "nickserv/saset/misc"; misc_description = _("Associate a Twitter account with this account"); permission = "nickserv/saset/twitter"; group = "nickserv/admin"; }
|
||||
#command { service = "NickServ"; name = "SET FACEBOOK"; command = "nickserv/set/misc"; misc_description = _("Associate a Facebook URL with your account"); }
|
||||
#command { service = "NickServ"; name = "SASET FACEBOOK"; command = "nickserv/saset/misc"; misc_description = _("Associate a Facebook URL with this account"); permission = "nickserv/saset/facebook"; group = "nickserv/admin"; }
|
||||
|
||||
/*
|
||||
* ns_status
|
||||
*
|
||||
* Provides the nickserv/status command.
|
||||
*
|
||||
* Used to determine if a user is recognized or identified by services.
|
||||
*/
|
||||
module { name = "ns_status" }
|
||||
command { service = "NickServ"; name = "STATUS"; command = "nickserv/status"; }
|
||||
|
||||
/*
|
||||
* ns_suspend
|
||||
*
|
||||
* Provides the commands nickserv/suspend and nickserv/unsuspend.
|
||||
*
|
||||
* Used to suspend and unsuspend nicknames. Suspended nicknames can not be used but their settings are preserved.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "ns_suspend"
|
||||
|
||||
/*
|
||||
* The length of time before a suspended nick becomes unsuspended.
|
||||
*
|
||||
* This directive is optional. If not set, the default is never.
|
||||
*/
|
||||
#suspendexpire = 90d
|
||||
|
||||
/*
|
||||
* Settings to show to non-opers in NickServ's INFO output.
|
||||
* Comment to completely disable showing any information about
|
||||
* suspended nicknames to non-opers.
|
||||
*/
|
||||
show = "suspended, by, reason, on, expires"
|
||||
}
|
||||
command { service = "NickServ"; name = "SUSPEND"; command = "nickserv/suspend"; permission = "nickserv/suspend"; group = "nickserv/admin"; }
|
||||
command { service = "NickServ"; name = "UNSUSPEND"; command = "nickserv/unsuspend"; permission = "nickserv/suspend"; group = "nickserv/admin"; }
|
||||
|
||||
/*
|
||||
* ns_update
|
||||
*
|
||||
* Provides the command nickserv/update.
|
||||
*
|
||||
* Used to update your status on all channels, turn on your vHost, etc.
|
||||
*/
|
||||
module { name = "ns_update" }
|
||||
command { service = "NickServ"; name = "UPDATE"; command = "nickserv/update"; }
|
||||
|
||||
|
||||
/*
|
||||
* Extra NickServ related modules.
|
||||
*/
|
||||
|
||||
/*
|
||||
* ns_maxemail
|
||||
*
|
||||
* Limits how many times the same email address may be used in Anope
|
||||
* to register accounts.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "ns_maxemail"
|
||||
|
||||
/*
|
||||
* The limit to how many registered nicks can use the same e-mail address. If set to 0 or left
|
||||
* commented, there will be no limit enforced when registering new accounts or using
|
||||
* /msg NickServ SET EMAIL.
|
||||
*/
|
||||
maxemails = 1
|
||||
}
|
|
@ -0,0 +1,701 @@
|
|||
/*
|
||||
* Example configuration file for OperServ.
|
||||
*/
|
||||
|
||||
/*
|
||||
* First, create the service.
|
||||
*/
|
||||
service
|
||||
{
|
||||
/*
|
||||
* The name of the OperServ client.
|
||||
* If you change this value, you probably want to change the client directive in the configuration for the operserv module too.
|
||||
*/
|
||||
nick = "OperServ"
|
||||
|
||||
/*
|
||||
* The username of the OperServ client.
|
||||
*/
|
||||
user = "services"
|
||||
|
||||
/*
|
||||
* The hostname of the OperServ client.
|
||||
*/
|
||||
host = "ircservices.{{ external_domain }}"
|
||||
|
||||
/*
|
||||
* The realname of the OperServ client.
|
||||
*/
|
||||
gecos = "Operator Service"
|
||||
|
||||
/*
|
||||
* The modes this client should use.
|
||||
* Do not modify this unless you know what you are doing.
|
||||
*
|
||||
* These modes are very IRCd specific. If left commented, sane defaults
|
||||
* are used based on what protocol module you have loaded.
|
||||
*
|
||||
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||
* not all, usefulness of the client. We will not support you if this client is
|
||||
* unable to do certain things if this option is enabled.
|
||||
*/
|
||||
#modes = "+o"
|
||||
|
||||
/*
|
||||
* An optional comma separated list of channels this service should join. Outside
|
||||
* of log channels this is not very useful, as the service will just idle in the
|
||||
* specified channels, and will not accept any types of commands.
|
||||
*
|
||||
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||
*/
|
||||
#channels = "@#services,#mychan"
|
||||
}
|
||||
|
||||
/*
|
||||
* Core OperServ module.
|
||||
*
|
||||
* Provides essential functionality for OperServ.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "operserv"
|
||||
|
||||
/*
|
||||
* The name of the client that should be OperServ.
|
||||
*/
|
||||
client = "OperServ"
|
||||
|
||||
/*
|
||||
* These define the default expiration times for, respectively, AKILLs, CHANKILLs, SNLINEs,
|
||||
* and SQLINEs.
|
||||
*/
|
||||
autokillexpiry = 30d
|
||||
chankillexpiry = 30d
|
||||
snlineexpiry = 30d
|
||||
sqlineexpiry = 30d
|
||||
|
||||
/*
|
||||
* If set, this option will make Services send an AKILL command immediately after it has been
|
||||
* added with AKILL ADD. This eliminates the need for killing the user after the AKILL has
|
||||
* been added.
|
||||
*
|
||||
* This directive is optional, but recommended.
|
||||
*/
|
||||
akillonadd = yes
|
||||
|
||||
/*
|
||||
* If set, this option will make Services send an (SVS)KILL command immediately after SNLINE ADD.
|
||||
* This eliminates the need for killing the user after the SNLINE has been added.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
killonsnline = yes
|
||||
|
||||
/*
|
||||
* If set, this option will make Services send an (SVS)KILL command immediately after SQLINE ADD.
|
||||
* This eliminates the need for killing the user after the SQLINE has been added.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
killonsqline = yes
|
||||
|
||||
/*
|
||||
* Adds the nickname of the IRC Operator issuing an AKILL to the kill reason.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
addakiller = yes
|
||||
|
||||
/*
|
||||
* Adds akill IDs to akills. Akill IDs are given to users in their ban reason and can be used to easily view,
|
||||
* modify, or remove an akill from the ID.
|
||||
*/
|
||||
akillids = yes
|
||||
|
||||
/*
|
||||
* If set, only IRC Operators will be permitted to use OperServ, regardless of command access restrictions.
|
||||
*
|
||||
* This directive is optional, but recommended.
|
||||
*/
|
||||
opersonly = yes
|
||||
}
|
||||
|
||||
/*
|
||||
* Core OperServ commands.
|
||||
*
|
||||
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||
*
|
||||
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||
*
|
||||
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||
*/
|
||||
|
||||
/* Give it a help command. */
|
||||
command { service = "OperServ"; name = "HELP"; command = "generic/help"; }
|
||||
|
||||
/*
|
||||
* os_akill
|
||||
*
|
||||
* Provides the command operserv/akill.
|
||||
*
|
||||
* Used to ban users from the network.
|
||||
*/
|
||||
module { name = "os_akill" }
|
||||
command { service = "OperServ"; name = "AKILL"; command = "operserv/akill"; permission = "operserv/akill"; }
|
||||
|
||||
/*
|
||||
* os_chankill
|
||||
*
|
||||
* Provides the command operserv/chankill.
|
||||
*
|
||||
* Used to akill users from an entire channel.
|
||||
*/
|
||||
module { name = "os_chankill" }
|
||||
command { service = "OperServ"; name = "CHANKILL"; command = "operserv/chankill"; permission = "operserv/chankill"; }
|
||||
|
||||
/*
|
||||
* os_session
|
||||
*
|
||||
* Provides the commands operserv/exception and operserv/session.
|
||||
*
|
||||
* This module enables session limiting. Session limiting prevents users from connecting more than a certain
|
||||
* number of times from the same IP at the same time - thus preventing most types of cloning.
|
||||
* Once a host reaches it's session limit, all clients attempting to connect from that host will
|
||||
* be killed. Exceptions to the default session limit can be defined via the exception list.
|
||||
*
|
||||
* Used to manage the session limit exception list, and view currently active sessions.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "os_session"
|
||||
|
||||
/*
|
||||
* Default session limit per host. Once a host reaches its session limit, all clients attempting
|
||||
* to connect from that host will be killed.
|
||||
*
|
||||
* This directive is required if os_session is loaded.
|
||||
*/
|
||||
defaultsessionlimit = 3
|
||||
|
||||
/*
|
||||
* The maximum session limit that may be set for a host in an exception.
|
||||
*
|
||||
* This directive is required if os_session is loaded.
|
||||
*/
|
||||
maxsessionlimit = 100
|
||||
|
||||
/*
|
||||
* Sets the default expiry time for session exceptions.
|
||||
*
|
||||
* This directive is required if os_session is loaded.
|
||||
*/
|
||||
exceptionexpiry = 1d
|
||||
|
||||
/*
|
||||
* The message that will be NOTICE'd to a user just before they are removed from the network because
|
||||
* their host's session limit has been exceeded. It may be used to give a slightly more descriptive
|
||||
* reason for the impending kill as opposed to simply "Session limit exceeded".
|
||||
*
|
||||
* This directive is optional, if not set, nothing will be sent.
|
||||
*/
|
||||
sessionlimitexceeded = "The session limit for your IP %IP% has been exceeded."
|
||||
|
||||
/*
|
||||
* Same as above, but should be used to provide a website address where users can find out more
|
||||
* about session limits and how to go about applying for an exception.
|
||||
*
|
||||
* Note: This directive has been intentionally commented out in an effort to remind you to change
|
||||
* the URL it contains. It is recommended that you supply an address/URL where people can get help
|
||||
* regarding session limits.
|
||||
*
|
||||
* This directive is optional, if not set, nothing will be sent.
|
||||
*/
|
||||
#sessionlimitdetailsloc = "Please visit http://your.website.url/ for more information about session limits."
|
||||
|
||||
/*
|
||||
* If set and is not 0, this directive tells Services to add an AKILL if the number of subsequent kills
|
||||
* for the same host exceeds this value, preventing the network from experiencing KILL floods.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
maxsessionkill = 15
|
||||
|
||||
/*
|
||||
* Sets the expiry time for AKILLs set for hosts exceeding the maxsessionkill directive limit.
|
||||
*
|
||||
* This directive is optional, if not set, defaults to 30 minutes.
|
||||
*/
|
||||
sessionautokillexpiry = 30m
|
||||
|
||||
/*
|
||||
* Sets the CIDR value used to determine which IP addresses represent the same person.
|
||||
* By default this would limit 3 connections per IPv4 IP and 3 connections per IPv6 IP.
|
||||
* If you are receiving IPv6 clone attacks it may be useful to set session_ipv6_cidr to
|
||||
* 64 or 48.
|
||||
*/
|
||||
session_ipv4_cidr = 32
|
||||
session_ipv6_cidr = 128
|
||||
}
|
||||
command { service = "OperServ"; name = "EXCEPTION"; command = "operserv/exception"; permission = "operserv/exception"; }
|
||||
command { service = "OperServ"; name = "SESSION"; command = "operserv/session"; permission = "operserv/session"; }
|
||||
|
||||
|
||||
/*
|
||||
* os_defcon
|
||||
*
|
||||
* Provides the command operserv/defcon.
|
||||
*
|
||||
* Allows you to set services in defcon mode, which can be used to restrict services access
|
||||
* during bot attacks.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "os_defcon"
|
||||
|
||||
/*
|
||||
* Default DefCon level (1-5) to use when starting Services up. Level 5 constitutes normal operation
|
||||
* while level 1 constitutes the most restrictive operation. If this setting is left out or set to
|
||||
* 0, DefCon will be disabled and the rest of this block will be ignored.
|
||||
*/
|
||||
defaultlevel = 5
|
||||
|
||||
/*
|
||||
* The following 4 directives define what operations will take place when DefCon is set to levels
|
||||
* 1 through 4. Each level is a list that must be separated by spaces.
|
||||
*
|
||||
* The following operations can be defined at each level:
|
||||
* - nonewchannels: Disables registering new channels
|
||||
* - nonewnicks: Disables registering new nicks
|
||||
* - nomlockchanges: Disables changing MLOCK on registered channels
|
||||
* - forcechanmodes: Forces all channels to have the modes given in the later chanmodes directive
|
||||
* - reducedsessions: Reduces the session limit to the value given in the later sessionlimit directive
|
||||
* - nonewclients: KILL any new clients trying to connect
|
||||
* - operonly: Services will ignore all non-IRCops
|
||||
* - silentoperonly: Services will silently ignore all non-IRCops
|
||||
* - akillnewclients: AKILL any new clients trying to connect
|
||||
* - nonewmemos: No new memos will be sent to block MemoServ attacks
|
||||
*/
|
||||
level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions"
|
||||
level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions"
|
||||
level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly"
|
||||
level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients"
|
||||
|
||||
/*
|
||||
* New session limit to use when a DefCon level is using "reduced" session limiting.
|
||||
*/
|
||||
sessionlimit = 2
|
||||
|
||||
/*
|
||||
* Length of time to add an AKILL for when DefCon is preventing new clients from connecting to the
|
||||
* network.
|
||||
*/
|
||||
akillexpire = 5m
|
||||
|
||||
/*
|
||||
* The channel modes to set on all channels when the DefCon channel mode system is in use.
|
||||
*
|
||||
* Note 1: Choose these modes carefully, because when DefCon switches to a level which does NOT have
|
||||
* the mode setting selected, Services will set the reverse on all channels, e.g. if this setting
|
||||
* is +RN when DefCon is used, all channels will be set to +RN, when DefCon is removed, all
|
||||
* channels will be set to -RN. You don't want to set this to +k for example, because when DefCon
|
||||
* is removed, all channels are set -k, removing the key from previously keyed channels.
|
||||
*
|
||||
* Note 2: MLOCKed modes will not be lost.
|
||||
*/
|
||||
chanmodes = "+Ri"
|
||||
|
||||
/*
|
||||
* This value can be used to automatically return the network to DefCon level 5 after the specified
|
||||
* time period, just in case any IRC Operator forgets to remove a DefCon setting.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
timeout = 15m
|
||||
|
||||
/*
|
||||
* If set, Services will send a global message on DefCon level changes.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
globalondefcon = yes
|
||||
|
||||
/*
|
||||
* If set, Services will send the global message defined in the message directive on DefCon level
|
||||
* changes.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
#globalondefconmore = yes
|
||||
|
||||
/*
|
||||
* Defines the message that will be sent on DefCon level changes when globalondefconmore is set.
|
||||
*
|
||||
* This directive is required only when globalondefconmore is set.
|
||||
*/
|
||||
#message = "Put your message to send your users here. Don't forget to uncomment globalondefconmore"
|
||||
|
||||
/*
|
||||
* Defines the message that will be sent when DefCon is returned to level 5. This directive is optional,
|
||||
* and will also override globalondefcon and globalondefconmore when set.
|
||||
*/
|
||||
offmessage = "Services are now back to normal; sorry for any inconvenience"
|
||||
|
||||
/*
|
||||
* Defines the reason to use when clients are KILLed or AKILLed from the network while the proper
|
||||
* DefCon operation is in effect.
|
||||
*/
|
||||
akillreason = "This network is currently not accepting connections. We are working on diagnostics, so please try again later."
|
||||
}
|
||||
command { service = "OperServ"; name = "DEFCON"; command = "operserv/defcon"; }
|
||||
|
||||
/*
|
||||
* os_dns
|
||||
*
|
||||
* Provides the command operserv/dns.
|
||||
*
|
||||
* This module requires that m_dns is loaded.
|
||||
*
|
||||
* This module allows controlling a DNS zone. This is useful for
|
||||
* controlling what servers users are placed on for load balancing,
|
||||
* and to automatically remove split servers.
|
||||
*
|
||||
* To use this module you must set a nameserver record for services
|
||||
* so that DNS queries go to services.
|
||||
*
|
||||
* Alternatively, you may use a slave DNS server to hide service's IP,
|
||||
* provide query caching, and provide better fault tolerance.
|
||||
*
|
||||
* To do this using BIND, configure similar to:
|
||||
*
|
||||
* options { max-refresh-time 60; };
|
||||
* zone "irc.example.com" IN {
|
||||
* type slave;
|
||||
* masters { 127.0.0.1 port 5353; };
|
||||
* };
|
||||
*
|
||||
* Where 127.0.0.1:5353 is the IP and port services are listening on.
|
||||
* We recommend you externally firewall both UDP and TCP to the port
|
||||
* Anope is listening on.
|
||||
*
|
||||
* Finally set a NS record for irc.example.com. to BIND or services.
|
||||
*/
|
||||
#module
|
||||
{
|
||||
name = "os_dns"
|
||||
|
||||
/* TTL for records. This should be very low if your records change often. */
|
||||
ttl = 1m
|
||||
|
||||
/* If a server drops this many users the server is automatically removed from the DNS zone.
|
||||
* This directive is optional.
|
||||
*/
|
||||
user_drop_mark = 50
|
||||
|
||||
/* The time used for user_drop_mark. */
|
||||
user_drop_time = 1m
|
||||
|
||||
/* When a server is removed from the zone for dropping users, it is readded after this time.
|
||||
* This directive is optional.
|
||||
*/
|
||||
user_drop_readd_time = 5m
|
||||
|
||||
/* If set, when a server splits, it is automatically removed from the zone. */
|
||||
remove_split_servers = yes
|
||||
|
||||
/* If set, when a server connects to the network, it will be automatically added to
|
||||
* the zone if it is a known server.
|
||||
*/
|
||||
readd_connected_servers = no
|
||||
}
|
||||
#command { service = "OperServ"; name = "DNS"; command = "operserv/dns"; permission = "operserv/dns"; }
|
||||
|
||||
/*
|
||||
* os_config
|
||||
*
|
||||
* Provides the command operserv/config.
|
||||
*
|
||||
* Used to view and set configuration options while services are running.
|
||||
*/
|
||||
module { name = "os_config" }
|
||||
command { service = "OperServ"; name = "CONFIG"; command = "operserv/config"; permission = "operserv/config"; }
|
||||
|
||||
/*
|
||||
* os_forbid
|
||||
*
|
||||
* Provides the command operserv/forbid.
|
||||
*
|
||||
* Used to forbid specific nicks, channels, emails, etc. from being used.
|
||||
*/
|
||||
module { name = "os_forbid" }
|
||||
command { service = "OperServ"; name = "FORBID"; command = "operserv/forbid"; permission = "operserv/forbid"; }
|
||||
|
||||
/*
|
||||
* os_ignore
|
||||
*
|
||||
* Provides the command operserv/ignore.
|
||||
*
|
||||
* Used to make Services ignore users.
|
||||
*/
|
||||
module { name = "os_ignore" }
|
||||
command { service = "OperServ"; name = "IGNORE"; command = "operserv/ignore"; permission = "operserv/ignore"; }
|
||||
|
||||
/*
|
||||
* os_info
|
||||
*
|
||||
* Provides the command operserv/info.
|
||||
*
|
||||
* Used to add oper only notes to users and channels.
|
||||
*/
|
||||
module { name = "os_info" }
|
||||
command { service = "OperServ"; name = "INFO"; command = "operserv/info"; permission = "operserv/info"; }
|
||||
|
||||
/*
|
||||
* os_jupe
|
||||
*
|
||||
* Provides the command operserv/jupe.
|
||||
*
|
||||
* Used to disconnect servers from the network and prevent them from relinking.
|
||||
*/
|
||||
module { name = "os_jupe" }
|
||||
command { service = "OperServ"; name = "JUPE"; command = "operserv/jupe"; permission = "operserv/jupe"; }
|
||||
|
||||
/*
|
||||
* os_kick
|
||||
*
|
||||
* Provides the command operserv/kick.
|
||||
*
|
||||
* Used to kick users from channels.
|
||||
*/
|
||||
module { name = "os_kick" }
|
||||
command { service = "OperServ"; name = "KICK"; command = "operserv/kick"; permission = "operserv/kick"; }
|
||||
|
||||
/*
|
||||
* os_kill
|
||||
*
|
||||
* Provides the command operserv/kill.
|
||||
*
|
||||
* Used to forcibly disconnect users from the network.
|
||||
*/
|
||||
module { name = "os_kill" }
|
||||
command { service = "OperServ"; name = "KILL"; command = "operserv/kill"; permission = "operserv/kill"; }
|
||||
|
||||
/*
|
||||
* os_list
|
||||
*
|
||||
* Provides the commands operserv/chanlist and operserv/userlist.
|
||||
*
|
||||
* Used to list and search the channels and users currently on the network.
|
||||
*/
|
||||
module { name = "os_list" }
|
||||
command { service = "OperServ"; name = "CHANLIST"; command = "operserv/chanlist"; permission = "operserv/chanlist"; }
|
||||
command { service = "OperServ"; name = "USERLIST"; command = "operserv/userlist"; permission = "operserv/userlist"; }
|
||||
|
||||
/*
|
||||
* os_login
|
||||
*
|
||||
* Provides the commands operserv/login and operserv/logout.
|
||||
*
|
||||
* Used to login to OperServ, only required if your oper block requires this.
|
||||
*/
|
||||
module { name = "os_login" }
|
||||
command { service = "OperServ"; name = "LOGIN"; command = "operserv/login"; }
|
||||
command { service = "OperServ"; name = "LOGOUT"; command = "operserv/logout"; }
|
||||
|
||||
/*
|
||||
* os_logsearch
|
||||
*
|
||||
* Provides the command operserv/logsearch.
|
||||
*
|
||||
* Used to search services log files.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "os_logsearch"
|
||||
|
||||
/* The log file name to search. There should be a log{} block configured to log
|
||||
* to a file of this name.
|
||||
*/
|
||||
logname = "services.log"
|
||||
}
|
||||
command { service = "OperServ"; name = "LOGSEARCH"; command = "operserv/logsearch"; permission = "operserv/logsearch"; }
|
||||
|
||||
/*
|
||||
* os_mode
|
||||
*
|
||||
* Provides the commands operserv/mode and operserv/umode.
|
||||
*
|
||||
* Used to change user and channel modes.
|
||||
*/
|
||||
module { name = "os_mode" }
|
||||
command { service = "OperServ"; name = "UMODE"; command = "operserv/umode"; permission = "operserv/umode"; }
|
||||
command { service = "OperServ"; name = "MODE"; command = "operserv/mode"; permission = "operserv/mode"; }
|
||||
|
||||
/*
|
||||
* os_modinfo
|
||||
*
|
||||
* Provides the commands operserv/modinfo and operserv/modlist.
|
||||
*
|
||||
* Used to show information about loaded modules.
|
||||
*/
|
||||
module { name = "os_modinfo" }
|
||||
command { service = "OperServ"; name = "MODINFO"; command = "operserv/modinfo"; permission = "operserv/modinfo"; }
|
||||
command { service = "OperServ"; name = "MODLIST"; command = "operserv/modlist"; permission = "operserv/modinfo"; }
|
||||
|
||||
/*
|
||||
* os_module
|
||||
*
|
||||
* Provides the commands operserv/modload, operserv/modreload, and operserv/modunload.
|
||||
*
|
||||
* Used to load, reload, and unload modules.
|
||||
*/
|
||||
module { name = "os_module" }
|
||||
command { service = "OperServ"; name = "MODLOAD"; command = "operserv/modload"; permission = "operserv/modload"; }
|
||||
command { service = "OperServ"; name = "MODRELOAD"; command = "operserv/modreload"; permission = "operserv/modload"; }
|
||||
command { service = "OperServ"; name = "MODUNLOAD"; command = "operserv/modunload"; permission = "operserv/modload"; }
|
||||
|
||||
/*
|
||||
* os_news
|
||||
*
|
||||
* Provides the commands operserv/logonnews, operserv/opernews, and operserv/randomnews.
|
||||
*
|
||||
* Used to configure news notices shown to users when they connect, and opers when they oper.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "os_news"
|
||||
|
||||
/*
|
||||
* The service bot names to use to send news to users on connection
|
||||
* and to opers when they oper.
|
||||
*/
|
||||
announcer = "Global"
|
||||
oper_announcer = "OperServ"
|
||||
|
||||
/*
|
||||
* The number of LOGON/OPER news items to display when a user logs on.
|
||||
*
|
||||
* This directive is optional, if not set it will default to 3.
|
||||
*/
|
||||
#newscount = 3
|
||||
}
|
||||
command { service = "OperServ"; name = "LOGONNEWS"; command = "operserv/logonnews"; permission = "operserv/news"; }
|
||||
command { service = "OperServ"; name = "OPERNEWS"; command = "operserv/opernews"; permission = "operserv/news"; }
|
||||
command { service = "OperServ"; name = "RANDOMNEWS"; command = "operserv/randomnews"; permission = "operserv/news"; }
|
||||
|
||||
/*
|
||||
* os_noop
|
||||
*
|
||||
* Provides the command operserv/noop.
|
||||
*
|
||||
* Used to NOOP a server, which prevents users from opering on that server.
|
||||
*/
|
||||
module { name = "os_noop" }
|
||||
command { service = "OperServ"; name = "NOOP"; command = "operserv/noop"; permission = "operserv/noop"; }
|
||||
|
||||
/*
|
||||
* os_oline
|
||||
*
|
||||
* Provides the command operserv/oline.
|
||||
*
|
||||
* Used to set oper flags on users, and is specific to UnrealIRCd.
|
||||
* See /helpop ?svso on your IRCd for more information.
|
||||
*
|
||||
* module { name = "os_oline" }
|
||||
* command { service = "OperServ"; name = "OLINE"; command = "operserv/oline"; permission = "operserv/oline"; }
|
||||
*/
|
||||
/*
|
||||
* os_oper
|
||||
*
|
||||
* Provides the command operserv/oper.
|
||||
*
|
||||
* Used to configure opers and show information about opertypes.
|
||||
*/
|
||||
module { name = "os_oper" }
|
||||
command { service = "OperServ"; name = "OPER"; command = "operserv/oper"; permission = "operserv/oper"; }
|
||||
|
||||
/*
|
||||
* os_reload
|
||||
*
|
||||
* Provides the command operserv/reload.
|
||||
*
|
||||
* Used to reload the services.conf configuration file.
|
||||
*/
|
||||
module { name = "os_reload" }
|
||||
command { service = "OperServ"; name = "RELOAD"; command = "operserv/reload"; permission = "operserv/reload"; }
|
||||
|
||||
/*
|
||||
* os_set
|
||||
*
|
||||
* Provides the command operserv/set.
|
||||
*
|
||||
* Used to set various settings such as superadmin, debug mode, etc.
|
||||
*/
|
||||
module
|
||||
{
|
||||
name = "os_set"
|
||||
|
||||
/*
|
||||
* If set, Services Admins will be able to use SUPERADMIN [ON|OFF] which will temporarily grant
|
||||
* them extra privileges such as being a founder on ALL channels.
|
||||
*
|
||||
* This directive is optional.
|
||||
*/
|
||||
superadmin = yes
|
||||
}
|
||||
command { service = "OperServ"; name = "SET"; command = "operserv/set"; permission = "operserv/set"; }
|
||||
|
||||
/*
|
||||
* os_shutdown
|
||||
*
|
||||
* Provides the commands operserv/quit, operserv/restart, and operserv/shutdown.
|
||||
*
|
||||
* Used to quit, restart, or shutdown services.
|
||||
*/
|
||||
module { name = "os_shutdown" }
|
||||
command { service = "OperServ"; name = "QUIT"; command = "operserv/quit"; permission = "operserv/quit"; }
|
||||
command { service = "OperServ"; name = "RESTART"; command = "operserv/restart"; permission = "operserv/restart"; }
|
||||
command { service = "OperServ"; name = "SHUTDOWN"; command = "operserv/shutdown"; permission = "operserv/shutdown"; }
|
||||
|
||||
/*
|
||||
* os_stats
|
||||
*
|
||||
* Provides the operserv/stats command.
|
||||
*
|
||||
* Used to show statistics about services.
|
||||
*/
|
||||
module { name = "os_stats" }
|
||||
command { service = "OperServ"; name = "STATS"; command = "operserv/stats"; permission = "operserv/stats"; }
|
||||
|
||||
/*
|
||||
* os_svs
|
||||
*
|
||||
* Provides the commands operserv/svsnick, operserv/svsjoin, and operserv/svspart.
|
||||
*
|
||||
* Used to force users to change nicks, join and part channels.
|
||||
*/
|
||||
module { name = "os_svs" }
|
||||
command { service = "OperServ"; name = "SVSNICK"; command = "operserv/svsnick"; permission = "operserv/svs"; }
|
||||
command { service = "OperServ"; name = "SVSJOIN"; command = "operserv/svsjoin"; permission = "operserv/svs"; }
|
||||
command { service = "OperServ"; name = "SVSPART"; command = "operserv/svspart"; permission = "operserv/svs"; }
|
||||
|
||||
/*
|
||||
* os_sxline
|
||||
*
|
||||
* Provides the operserv/snline and operserv/sqline commands.
|
||||
*
|
||||
* Used to ban real names, nick names, and possibly channels.
|
||||
*/
|
||||
module { name = "os_sxline" }
|
||||
command { service = "OperServ"; name = "SNLINE"; command = "operserv/snline"; permission = "operserv/snline"; }
|
||||
command { service = "OperServ"; name = "SQLINE"; command = "operserv/sqline"; permission = "operserv/sqline"; }
|
||||
|
||||
/*
|
||||
* os_update
|
||||
*
|
||||
* Provides the operserv/update command.
|
||||
*
|
||||
* Use to immediately update the databases.
|
||||
*/
|
||||
module { name = "os_update" }
|
||||
command { service = "OperServ"; name = "UPDATE"; command = "operserv/update"; permission = "operserv/update"; }
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue